Lucene search
K

22 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-13153

Malware in sbrugna...

7.5CVSS7.6AI score0.01287EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 7:44 a.m.8 views

CVE-2018-20603

Lei Feng TV CMS aka LFCMS 3.8.6 allows admin.php?s=/Member/add.html CSRF...

8.8CVSS7AI score0.00523EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:4 a.m.16 views

CVE-2018-20604

Lei Feng TV CMS aka LFCMS 3.8.6 allows Directory Traversal via crafted use of .. in Template/edit/path URIs, as demonstrated by the admin.php?s=/Template/edit/path/web........1.txt.html URI to read the 1.txt file...

4.9CVSS6.8AI score0.01369EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:39 a.m.7 views

CVE-2018-20602

Lei Feng TV CMS aka LFCMS 3.8.6 allows full path disclosure via the /install.php?s=/1 URI...

7.5CVSS6.9AI score0.01287EPSS
Exploits1References1
CNVD
CNVD
added 2018/12/31 12:0 a.m.3 views

LFCMS Information Disclosure Vulnerability

Lei Feng TV CMS aka LFCMS is a video-on-demand system developed using PHP and MySQL. A security vulnerability exists in LFCMS version 3.8.6. An attacker can exploit the vulnerability to disclose the full path with the help of /install.php?s=/1 URI...

7.5CVSS6.8AI score0.01287EPSS
Exploits1References1
CNVD
CNVD
added 2018/12/31 12:0 a.m.5 views

LFCMS Cross-Site Request Forgery Vulnerability (CNVD-2019-00992)

Lei Feng TV CMS aka LFCMS is a video-on-demand system developed using PHP and MySQL. A cross-site request forgery vulnerability exists in the admin.php?s=/Member/add.html page in LFCMS version 3.8.6. A remote attacker can exploit this vulnerability to perform unauthorized operations...

8.8CVSS7AI score0.00523EPSS
Exploits1References1
CNVD
CNVD
added 2018/12/31 12:0 a.m.5 views

LFCMS Directory Traversal Vulnerability

Lei Feng TV CMS aka LFCMS is a video-on-demand system developed using PHP and MySQL. LFCMS version 3.8.6 of http://www.a.com:84/admin.php?s=/Template/index.html页面存在目录遍历漏洞. An attacker can exploit this vulnerability with the help of the '...' sequence in the Template/edit/path URIs. ' sequence in...

4.9CVSS7AI score0.01369EPSS
Exploits1References1
OSV
OSV
added 2018/12/30 9:29 p.m.4 views

CVE-2018-20604

Lei Feng TV CMS aka LFCMS 3.8.6 allows Directory Traversal via crafted use of .. in Template/edit/path URIs, as demonstrated by the admin.php?s=/Template/edit/path/web........1.txt.html URI to read the 1.txt file...

4.9CVSS5.8AI score0.01369EPSS
Exploits1References1
Prion
Prion
added 2018/12/30 9:29 p.m.16 views

Directory traversal

Lei Feng TV CMS aka LFCMS 3.8.6 allows Directory Traversal via crafted use of .. in Template/edit/path URIs, as demonstrated by the admin.php?s=/Template/edit/path/web........1.txt.html URI to read the 1.txt file...

4CVSS5AI score0.01369EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2018/12/30 9:29 p.m.15 views

Path traversal

Lei Feng TV CMS aka LFCMS 3.8.6 allows full path disclosure via the /install.php?s=/1 URI...

5CVSS7.5AI score0.01287EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/12/30 9:29 p.m.21 views

CVE-2018-20603

Lei Feng TV CMS aka LFCMS 3.8.6 allows admin.php?s=/Member/add.html CSRF...

8.8CVSS8.7AI score0.00523EPSS
Exploits1References1
NVD
NVD
added 2018/12/30 9:29 p.m.25 views

CVE-2018-20604

Lei Feng TV CMS aka LFCMS 3.8.6 allows Directory Traversal via crafted use of .. in Template/edit/path URIs, as demonstrated by the admin.php?s=/Template/edit/path/web........1.txt.html URI to read the 1.txt file...

4.9CVSS5AI score0.01369EPSS
Exploits1References1
Prion
Prion
added 2018/12/30 9:29 p.m.18 views

Cross site request forgery (csrf)

Lei Feng TV CMS aka LFCMS 3.8.6 allows admin.php?s=/Member/add.html CSRF...

6.8CVSS8.7AI score0.00523EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/12/30 9:29 p.m.3 views

CVE-2018-20602

Lei Feng TV CMS aka LFCMS 3.8.6 allows full path disclosure via the /install.php?s=/1 URI...

7.5CVSS5.8AI score0.01287EPSS
Exploits1References1
NVD
NVD
added 2018/12/30 9:29 p.m.14 views

CVE-2018-20602

Lei Feng TV CMS aka LFCMS 3.8.6 allows full path disclosure via the /install.php?s=/1 URI...

7.5CVSS7.5AI score0.01287EPSS
Exploits1References1
OSV
OSV
added 2018/12/30 9:29 p.m.4 views

CVE-2018-20603

Lei Feng TV CMS aka LFCMS 3.8.6 allows admin.php?s=/Member/add.html CSRF...

8.8CVSS5.8AI score0.00523EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/12/30 9:0 p.m.31 views

CVE-2018-20604

Lei Feng TV CMS aka LFCMS 3.8.6 allows Directory Traversal via crafted use of .. in Template/edit/path URIs, as demonstrated by the admin.php?s=/Template/edit/path/web........1.txt.html URI to read the 1.txt file...

5AI score0.01369EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/12/30 9:0 p.m.26 views

CVE-2018-20603

Lei Feng TV CMS aka LFCMS 3.8.6 allows admin.php?s=/Member/add.html CSRF...

8.7AI score0.00523EPSS
Exploits1References1
CVE
CVE
added 2018/12/30 9:0 p.m.50 views

CVE-2018-20603

The CVE-2018-20603 entry concerns Lei Feng TV CMS (aka LFCMS) version 3.8.6, which is vulnerable to CSRF on the admin page admin.php?s=/Member/add.html. The root cause, as stated across connected records, is a cross-site request forgery vulnerability in the LFCMS 3.8.6 administrative interface, e...

8.8CVSS8.6AI score0.00523EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/12/30 9:0 p.m.36 views

CVE-2018-20604

CVE-2018-20604 affects Lei Feng TV CMS (LFCMS) 3.8.6. A Directory Traversal is possible by crafting URIs using ..* in Template/edit/path, e.g., admin.php?s=/Template/edit/path/web .... ..*..*1.txt.html, enabling reading of arbitrary files (demonstrated with 1.txt). The connected records confirm t...

4.9CVSS5AI score0.01369EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder