307 matches found
CVE-2018-20778
admin/?/plugin/filemanager in Frog CMS 0.9.5 allows XSS by creating a new file containing a crafted attribute of an IMG element...
CVE-2018-20772
Frog CMS 0.9.5 allows PHP code execution via ?php to the admin/?/layout/edit/1 URI...
Design/Logic Flaw
Frog CMS 0.9.5 allows PHP code execution by visiting admin/?/page/edit/1 and inserting additional ?php lines...
Cross site scripting
admin/?/plugin/filemanager in Frog CMS 0.9.5 allows XSS by creating a new file containing a crafted attribute of an IMG element...
Code injection
Frog CMS 0.9.5 allows PHP code execution via ?php to the admin/?/layout/edit/1 URI...
Design/Logic Flaw
Frog CMS 0.9.5 has XSS via the admin/?/layout/edit/1 Body field...
CVE-2018-20773
Frog CMS 0.9.5 allows PHP code execution by visiting admin/?/page/edit/1 and inserting additional ?php lines...
CVE-2018-20773
Frog CMS 0.9.5 allows PHP code execution by visiting admin/?/page/edit/1 and inserting additional ?php lines...
Code injection
admin/?/plugin/filemanager in Frog CMS 0.9.5 allows PHP code execution by creating a new .php file containing PHP code, and then visiting this file under the public/ URI...
CVE-2018-20772
Frog CMS 0.9.5 allows PHP code execution via ?php to the admin/?/layout/edit/1 URI...
Design/Logic Flaw
Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit/1 Body field...
CVE-2018-20776
Frog CMS 0.9.5 provides a directory listing for a /public request...
CVE-2018-20775
admin/?/plugin/filemanager in Frog CMS 0.9.5 allows PHP code execution by creating a new .php file containing PHP code, and then visiting this file under the public/ URI...
CVE-2018-20774
Frog CMS 0.9.5 has XSS via the admin/?/layout/edit/1 Body field...
CVE-2018-20777
Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit/1 Body field...
CVE-2018-20772
Frog CMS 0.9.5 allows PHP code execution via ?php to the admin/?/layout/edit/1 URI...
CVE-2018-20776
Frog CMS 0.9.5 is affected by an information-disclosure issue where a /public request can return a directory listing. The vulnerability is described as a directory listing exposure in Frog CMS 0.9.5. Connected sources (NVD/CVE records and CNVD) confirm the component and issue, but do not provide ...
CVE-2018-20773
Frog CMS 0.9.5 allows PHP code execution by visiting admin/?/page/edit/1 and inserting additional ?php lines...
CVE-2018-20778
CVE-2018-20778 corresponds to Frog CMS 0.9.5 where the vulnerability exists in the admin/?/plugin/file_manager component. The issue arises from creating a new file containing a crafted attribute of an IMG element, enabling cross-site scripting (XSS). The affected software is Frog CMS 0.9.5; root ...
CVE-2018-20773
CVE-2018-20773 affects Frog CMS 0.9.5, where an attacker can achieve PHP code execution by visiting admin/?/page/edit/1 and injecting additional