Vulnerabilities > Frogcms Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-12 | CVE-2024-42631 | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/edit/1. | 8.8 |
2024-08-12 | CVE-2024-42632 | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/add. | 8.8 |
2021-10-29 | CVE-2020-25872 | Path Traversal vulnerability in Frogcms Project Frogcms 0.9.5 A vulnerability exists within the FileManagerController.php function in FrogCMS 0.9.5 which allows an attacker to perform a directory traversal attack via a GET request urlencode parameter. | 4.9 |
2021-09-23 | CVE-2021-26794 | Unrestricted Upload of File with Dangerous Type vulnerability in Frogcms Project Frogcms 0.9.5 Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file. | 9.8 |
2018-12-31 | CVE-2018-19844 | Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, which is mishandled during an edit action, a related issue to CVE-2018-10319. | 4.8 |
2018-09-04 | CVE-2018-16447 | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF. | 8.8 |
2018-05-08 | CVE-2018-10806 | Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 An issue was discovered in Frog CMS 0.9.5. | 5.4 |
2018-04-30 | CVE-2018-10570 | Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 Frog CMS 0.9.5 has XSS in /install/index.php via the ['config']['admin_username'] field. | 4.8 |
2018-04-24 | CVE-2018-10321 | Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 Frog CMS 0.9.5 has a stored Cross Site Scripting Vulnerability via "Admin Site title" in Settings. | 4.8 |
2018-04-24 | CVE-2018-10320 | Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 Frog CMS 0.9.5 has XSS via the admin/?/layout/edit layout[name] parameter, aka Edit Layout. | 4.8 |