Lucene search
+L

199 matches found

CVE
CVE
added 2019/02/11 2:0 a.m.42 views

CVE-2018-20776

Frog CMS 0.9.5 is affected by an information-disclosure issue where a /public request can return a directory listing. The vulnerability is described as a directory listing exposure in Frog CMS 0.9.5. Connected sources (NVD/CVE records and CNVD) confirm the component and issue, but do not provide ...

7.5CVSS7.5AI score0.01514EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/02/11 2:0 a.m.46 views

CVE-2018-20774

CVE-2018-20774 affects Frog CMS 0.9.5, with a cross-site scripting (XSS) vulnerability in the admin/?/layout/edit/1 Body field. The root cause is improper input handling that allows injecting script into a form field which is subsequently rendered without sufficient sanitization, enabling client-...

5.4CVSS5.2AI score0.00637EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/02/11 2:0 a.m.45 views

CVE-2018-20773

CVE-2018-20773 affects Frog CMS 0.9.5, where an attacker can achieve PHP code execution by visiting admin/?/page/edit/1 and injecting additional

7.2CVSS7.3AI score0.02107EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/02/11 2:0 a.m.43 views

CVE-2018-20772

CVE-2018-20772 affects Frog CMS 0.9.5. The vulnerability allows PHP code execution via the PHP opening tag in the request to the URI admin/?/layout/edit/1, indicating a code-injection path in that administration handler. The root cause is improper handling of PHP code within that endpoint, enabli...

7.2CVSS7.3AI score0.02107EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/02/11 2:0 a.m.40 views

CVE-2018-20775

The CVE-2018-20775 entry concerns Frog CMS 0.9.5 where the admin/?/plugin/file_manager exposes a flaw that allows an attacker to create a new .php file containing PHP code and access it via the public/ URI, enabling PHP code execution. This aligns with the NVD description of a file-manager vulner...

7.2CVSS7.3AI score0.02107EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/02/11 2:0 a.m.50 views

CVE-2018-20777

CVE-2018-20777 affects Frog CMS 0.9.5 with Cross-Site Scripting in the admin/?/snippet/edit/1 Body field. The NVD entry lists a CVSSv3.0 base score of 5.4 (MEDIUM) with NETWORK attack vector, LOW privileges required, user interaction REQUIRED, and a CHANGED scope; CVSSv2 base score is 3.5 (LOW). ...

5.4CVSS5.2AI score0.00637EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2019/02/11 12:0 a.m.5 views

Frog CMS Information Disclosure Vulnerability

Frog CMS is a Content Management System CMS developed by Philippe Archambault Software Developers. The system provides tools for page templates, user rights management and document management. An information disclosure vulnerability exists in Frog CMS. An attacker could exploit the vulnerability ...

7.5CVSS6.1AI score0.01514EPSS
Exploits1References1
CNVD
CNVD
added 2019/02/11 12:0 a.m.4 views

Frog CMS Code Injection Vulnerability (CNVD-2019-34647)

Frog CMS is a Content Management System CMS developed by Philippe Archambault Software Developers. The system provides tools for page templates, user rights management and document management. A code injection vulnerability exists in Frog CMS. An attacker could use this vulnerability to generate...

7.2CVSS7.6AI score0.02107EPSS
Exploits1References1
CNVD
CNVD
added 2019/02/11 12:0 a.m.4 views

Frog CMS Code Injection Vulnerability (CNVD-2019-34646)

Frog CMS is a Content Management System CMS developed by Philippe Archambault Software Developers. The system provides tools for page templates, user rights management and document management. A code injection vulnerability exists in Frog CMS. An attacker could use this vulnerability to generate...

7.2CVSS7.6AI score0.02107EPSS
Exploits1References1
CNVD
CNVD
added 2019/02/11 12:0 a.m.5 views

Frog CMS Cross-Site Scripting Vulnerability (CNVD-2019-34645)

Frog CMS is a Content Management System CMS developed by Philippe Archambault Software Developers. The system provides tools for page templates, user rights management and document management. A cross-site scripting vulnerability exists in Frog CMS. An attacker can exploit this vulnerability to...

5.4CVSS6.4AI score0.00637EPSS
Exploits1References1
CNVD
CNVD
added 2019/02/11 12:0 a.m.6 views

Frog CMS Cross-Site Scripting Vulnerability (CNVD-2019-34648)

Frog CMS is a Content Management System CMS developed by Philippe Archambault Software Developers. The system provides tools for page templates, user rights management and document management. A cross-site scripting vulnerability exists in Frog CMS. An attacker can exploit this vulnerability to...

6.1CVSS6.4AI score0.00826EPSS
Exploits1References1
CNVD
CNVD
added 2019/02/11 12:0 a.m.4 views

Frog CMS Code Injection Vulnerability

Frog CMS is a Content Management System CMS developed by Philippe Archambault Software Developers. The system provides tools for page templates, user rights management and document management. A code injection vulnerability exists in Frog CMS. An attacker could use this vulnerability to generate...

7.2CVSS7.6AI score0.02107EPSS
Exploits1References1
CNVD
CNVD
added 2019/01/14 12:0 a.m.5 views

Frog CMS Cross-Site Scripting Vulnerability (CNVD-2019-01866)

Frog CMS is a content management system CMS developed by software developer Philippe Archambault. The system provides tools for page templates, user rights management, and document management. A cross-site scripting vulnerability exists in Frog CMS version 0.9.5. A remote attacker can exploit thi...

6.1CVSS6.1AI score0.00675EPSS
Exploits1References1
Prion
Prion
added 2019/01/12 2:29 a.m.14 views

Cross site scripting

Frog CMS 0.9.5 allows XSS via the forgot password page aka the /admin/?/login/forgot URI...

4.3CVSS6.1AI score0.00675EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2019/01/12 2:29 a.m.13 views

CVE-2019-6243

Frog CMS 0.9.5 allows XSS via the forgot password page aka the /admin/?/login/forgot URI...

6.1CVSS6.1AI score0.00675EPSS
Exploits1References1
OSV
OSV
added 2019/01/12 2:29 a.m.5 views

CVE-2019-6243

Frog CMS 0.9.5 allows XSS via the forgot password page aka the /admin/?/login/forgot URI...

6.1CVSS6.3AI score0.00675EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/01/12 2:0 a.m.18 views

CVE-2019-6243

Frog CMS 0.9.5 allows XSS via the forgot password page aka the /admin/?/login/forgot URI...

6.2AI score0.00675EPSS
Exploits1References1
CVE
CVE
added 2019/01/12 2:0 a.m.43 views

CVE-2019-6243

CVE-2019-6243 affects Frog CMS 0.9.5 with a cross-site scripting (XSS) vulnerability exposed via the forgot password page (the /admin/?/login/forgot URI). The issue is confirmed across multiple sources (NVD entry and CNVD/CVEs references) and is limited to input handling on the forgot-password fl...

6.1CVSS6AI score0.00675EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2019/01/11 12:0 a.m.5 views

Frog CMS Cross-Site Scripting Vulnerability (CNVD-2019-01314)

Frog CMS is a content management system CMS developed by software developer Philippe Archambault. The system provides tools for page templates, user rights management, and document management. A cross-site scripting vulnerability exists in Frog CMS version 0.9.5, which can be exploited by a remot...

4.8CVSS6.2AI score0.00583EPSS
Exploits1References1
OSV
OSV
added 2019/01/09 5:29 p.m.5 views

CVE-2018-20680

Frog CMS 0.9.5 has XSS in the admin/?/page/edit/1 body field...

4.8CVSS5.8AI score0.00583EPSS
Exploits1References1
Rows per page
Query Builder