15 matches found
CVE-2018-17048
admin/Lib/Action/FpluginAction.class.php in FDCMS aka Fangfa Content Manage System 4.2 allows SQL Injection...
FDCMS File Containment Vulnerability
FDCMS is a PHP-based content management system of Sichuan Method Digital Technology Co. A file inclusion vulnerability exists in FDCMS version 4.0. An attacker can exploit this vulnerability to obtain a webshell in the background via Front/lib/Action/FindexAction.class.php...
FDCMS SQL Injection Vulnerability
FDCMS is a PHP-based content management system of Sichuan Method Digital Technology Co. A SQL injection vulnerability exists in FDCMS version 4.0. An attacker can use this vulnerability to inject malicious SQL via Admin/Lib/Action/FloginAction.class.php to obtain database records...
CVE-2020-35442
FDCMS also known as Fangfa Content Management System 4.0 allows remote attackers to get a webshell in the background via Front/lib/Action/FindexAction.class.php...
Sql injection
FDCMS aka Fangfa Content Management System 4.0 contains a front-end SQL injection via Admin/Lib/Action/FloginAction.class.php...
Design/Logic Flaw
FDCMS also known as Fangfa Content Management System 4.0 allows remote attackers to get a webshell in the background via Front/lib/Action/FindexAction.class.php...
CVE-2020-35442
FDCMS also known as Fangfa Content Management System 4.0 allows remote attackers to get a webshell in the background via Front/lib/Action/FindexAction.class.php...
CVE-2020-35442
FDCMS (Fangfa Content Management System) 4.0 is affected by a file inclusion vulnerability in Front/lib/Action/FindexAction.class.php, allowing remote attackers to obtain a webshell in the background. The issue is described across multiple sources (CNVD/CNNVD) as a PHP-based vulnerability in vers...
CVE-2020-35441
CVE-2020-35441 corresponds to a SQL injection in FDCMS 4.0 exposed via the path Admin/Lib/Action/FloginAction.class.php . The connected sources consistently describe a vulnerability that would allow an attacker to manipulate SQL queries within the web-facing component and “obtain database records...
CVE-2020-35441
FDCMS aka Fangfa Content Management System 4.0 contains a front-end SQL injection via Admin/Lib/Action/FloginAction.class.php...
CVE-2018-17048
admin/Lib/Action/FpluginAction.class.php in FDCMS aka Fangfa Content Manage System 4.2 allows SQL Injection...
Sql injection
admin/Lib/Action/FpluginAction.class.php in FDCMS aka Fangfa Content Manage System 4.2 allows SQL Injection...
CVE-2018-17048
admin/Lib/Action/FpluginAction.class.php in FDCMS aka Fangfa Content Manage System 4.2 allows SQL Injection...
CVE-2018-17048
admin/Lib/Action/FpluginAction.class.php in FDCMS aka Fangfa Content Manage System 4.2 allows SQL Injection...
CVE-2018-17048
CVE-2018-17048 affects FDCMS (Fangfa Content Management System) version 4.2. The vulnerability is an SQL Injection in file admin/Lib/Action/FpluginAction.class.php , with the root cause described as unsafely constructed SQL leading to partial/high impact on confidentiality depending on access. Do...