Frog CMS 1.1 is affected by: Cross Site Scripting (XSS). The impact is: Cookie stealing, Alert pop-up on page, Redirecting to another phishing site, Executing browser exploits. The component is:...
5.4CVSS
5.4AI Score
0.001EPSS
5.4CVSS
5.2AI Score
0.001EPSS
admin/?/plugin/file_manager in Frog CMS 0.9.5 allows PHP code execution by creating a new .php file containing PHP code, and then visiting this file under the public/...
7.2CVSS
7.3AI Score
0.001EPSS
5.4CVSS
5.2AI Score
0.001EPSS
admin/?/plugin/file_manager in Frog CMS 0.9.5 allows XSS by creating a new file containing a crafted attribute of an IMG...
6.1CVSS
5.9AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.006EPSS
Frog CMS 0.9.5 allows PHP code execution by visiting admin/?/page/edit/1 and inserting...
7.2CVSS
7.3AI Score
0.001EPSS
7.2CVSS
7.3AI Score
0.001EPSS
Frog CMS 0.9.5 allows XSS via the forgot password page (aka the /admin/?/login/forgot...
6.1CVSS
6AI Score
0.001EPSS
4.8CVSS
4.9AI Score
0.001EPSS
5.4CVSS
5.2AI Score
0.001EPSS
4.9CVSS
5.2AI Score
0.001EPSS
4.8CVSS
4.8AI Score
0.001EPSS
An issue was discovered in Frog CMS 0.9.5. There is a file upload vulnerability via the admin/?/plugin/file_manager/upload URI, a similar issue to...
7.2CVSS
8.2AI Score
0.037EPSS
4.8CVSS
4.9AI Score
0.001EPSS
Frog CMS 0.9.5 has XSS via the name field of a new "File" or "Directory" on the admin/?/plugin/file_manager/browse/...
4.8CVSS
4.9AI Score
0.001EPSS
An issue was discovered in /admin/?/user/add in Frog CMS 0.9.5. The application's add user functionality suffers from CSRF. A malicious user can craft an HTML page and use it to trick a victim into clicking on it; once executed, a malicious user will be created with admin privileges. This happens.....
8.8CVSS
8.5AI Score
0.002EPSS
An Arbitrary File Upload issue was discovered in Frog CMS 0.9.5 due to lack of extension...
9.8CVSS
7AI Score
0.037EPSS