Vulnerabilities > Frogcms Project

DATE CVE VULNERABILITY TITLE RISK
2024-08-12 CVE-2024-42631 Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/edit/1.
network
low complexity
frogcms-project CWE-352
8.8
2024-08-12 CVE-2024-42632 Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/add.
network
low complexity
frogcms-project CWE-352
8.8
2021-10-29 CVE-2020-25872 Path Traversal vulnerability in Frogcms Project Frogcms 0.9.5
A vulnerability exists within the FileManagerController.php function in FrogCMS 0.9.5 which allows an attacker to perform a directory traversal attack via a GET request urlencode parameter.
network
low complexity
frogcms-project CWE-22
4.9
2021-09-23 CVE-2021-26794 Unrestricted Upload of File with Dangerous Type vulnerability in Frogcms Project Frogcms 0.9.5
Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file.
network
low complexity
frogcms-project CWE-434
critical
9.8
2018-12-31 CVE-2018-19844 Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5
FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, which is mishandled during an edit action, a related issue to CVE-2018-10319.
network
low complexity
frogcms-project CWE-79
4.8
2018-09-04 CVE-2018-16447 Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5
Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF.
network
low complexity
frogcms-project CWE-352
8.8
2018-05-08 CVE-2018-10806 Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5
An issue was discovered in Frog CMS 0.9.5.
network
low complexity
frogcms-project CWE-79
5.4
2018-04-30 CVE-2018-10570 Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5
Frog CMS 0.9.5 has XSS in /install/index.php via the ['config']['admin_username'] field.
network
low complexity
frogcms-project CWE-79
4.8
2018-04-24 CVE-2018-10321 Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5
Frog CMS 0.9.5 has a stored Cross Site Scripting Vulnerability via "Admin Site title" in Settings.
network
low complexity
frogcms-project CWE-79
4.8
2018-04-24 CVE-2018-10320 Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5
Frog CMS 0.9.5 has XSS via the admin/?/layout/edit layout[name] parameter, aka Edit Layout.
network
low complexity
frogcms-project CWE-79
4.8