PT-2018-18092 · Finecms · Finecms

Name of the Vulnerable Software and Affected Versions: FineCms version 5.3.0 Description: The issue concerns a Cross Site Scripting XSS problem. It occurs via the id or lid parameter in a "c=linkage,m=import" request to "admin.php". The xss clean protection mechanism is bypassed by specially...

CVE-2017-11585

dayrui FineCms 5.0.9 has remote PHP code execution via the param parameter in an action=cache request to libraries/Template.php, aka Eval Injection...

FineCMS Cross-Site Scripting Vulnerability (CNVD-2017-15549)

FineCMS is an efficient and simple small and medium-sized content management system based on PHP+MySql+CI framework development for multiple terminals, including Pc-side web pages and mobile web pages, support for customized content models and member models, and can be customized fields, can be...