CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

SUSE CVE•added 2025/04/28 1:6 a.m.•2 views

SUSE CVE-2017-11354

Fiyo CMS v2.0.7 has an SQL injection vulnerability in dapur/apps/apparticle/sysarticle.php via the name parameter in editing or adding a tag name...

9.8CVSS8.2AI score0.00233EPSS

Exploits0References3

OSV•added 2018/10/21 1:29 a.m.•1 views

CVE-2018-18545

Fiyo CMS 2.0.7 has XSS via the dapur\apps\appuser\edituser.php name parameter...

6.1CVSS5.8AI score0.00266EPSS

Exploits1References1

CNVD•added 2017/12/05 12:0 a.m.•3 views

Fiyo CMS Arbitrary File Read Vulnerability

Fiyo CMS is a content management system CMS for creating CMS templates. An arbitrary file read vulnerability exists in the dapur/apps/apptheme/libs/checkfile.php file in Fiyo CMS version 2.0.7. An attacker can exploit this vulnerability to obtain sensitive information...

7.8CVSS6.8AI score0.00435EPSS

Exploits1References1

NVD•added 2017/12/04 8:29 a.m.•8 views

CVE-2017-17104

Fiyo CMS 2.0.7 has an arbitrary file read vulnerability in dapur/apps/apptheme/libs/checkfile.php via $GET'src' or $GET'name'...

7.8CVSS7.5AI score0.00435EPSS

Exploits1References1

Prion•added 2017/12/04 8:29 a.m.•11 views

Arbitrary file deletion

Fiyo CMS 2.0.7 has an arbitrary file read vulnerability in dapur/apps/apptheme/libs/checkfile.php via $GET'src' or $GET'name'...

7.8CVSS7.5AI score0.00435EPSS

Exploits1References1Affected Software1

OSV•added 2017/07/18 5:29 a.m.•2 views

CVE-2017-11415

Fiyo CMS 2.0.7 has SQL injection in dapur/apps/apparticle/sysarticle.php via $POST'parentid', $POST'desc', $POST'keys', and $POST'level'...

9.8CVSS5.8AI score0.00271EPSS

Exploits0References1

OSV•added 2017/07/18 5:29 a.m.•2 views

CVE-2017-11418

Fiyo CMS 2.0.7 has SQL injection in dapur/apps/apparticle/controller/articlelist.php via $GET'cat', $GET'user', $GET'level', and $GET'iSortCol'.$i...

9.8CVSS5.8AI score0.00271EPSS

Exploits0References1

CNVD•added 2017/07/18 12:0 a.m.•2 views

Fiyo CMS SQL Injection Vulnerability (CNVD-2017-23894)

Fiyo CMS is a content management system CMS for creating CMS templates. A SQL injection vulnerability exists in the dapur/apps/apparticle/sysarticle.php file in Fiyo CMS version 2.0.7. A remote attacker can exploit the vulnerability to execute arbitrary SQL commands with the help of...

9.8CVSS10AI score0.00271EPSS

Exploits0References1

CNVD•added 2017/04/12 12:0 a.m.•2 views

Fiyo CMS Arbitrary File Upload Vulnerability

Fiyo CMS is a content management system CMS for creating CMS templates. A security vulnerability exists in Fiyo CMS versions 2.x through 2.0.7. The vulnerability can be exploited by an attacker to execute code by sending the 'content' parameter to the file /dapur/apps/apptheme/libs/savefile.php...

9.8CVSS7.3AI score0.01364EPSS

Exploits1References1

OSV•added 2017/03/12 5:59 a.m.•1 views

CVE-2017-6823

Fiyo CMS 2.0.6.1 allows remote authenticated users to gain privileges via a modified level parameter to dapur/ in an app=user&act=edit action...

8.8CVSS5.8AI score0.06845EPSS

Exploits2References3

seebug.org•added 2015/05/20 12:0 a.m.•13 views

Fiyo-cms 2.018 /dapur/index.php SQL注入漏洞

漏洞链接： http://localhost/fiyo/dapur/index.php?app=user&act=edit&id=1sqli Parameter: id Type: UNION query Title: MySQL UNION query NULL - 10 columns Payload: app=user&act=edit&id=-1874 UNION ALL SELECT NULL,NULL,CONCAT0x7171676471,0x66457070464452786c58,0x716a767471,NULL,NULL,NULL,NULL,NULL,NULL,NUL...

7AI score

Exploits0

NVD•added 2015/04/14 2:59 p.m.•28 views

CVE-2014-9146

Multiple cross-site scripting XSS vulnerabilities in Fiyo CMS 2.0.1.8 allow remote attackers to inject arbitrary web script or HTML via the 1 view, 2 id, 3 page, or 4 app parameter to the default URI or the 5 act parameter to dapur/index.php...

4.3CVSS5.7AI score0.00434EPSS

Exploits5References1

Prion•added 2015/04/14 2:59 p.m.•25 views

Cross site scripting

4.3CVSS6.1AI score0.00434EPSS

Exploits5References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by