CVE-2025-2132

A vulnerability classified as critical has been found in ftcms 2.1. Affected is an unknown function of the file /admin/index.php/web/ajaxalllists of the component Search. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit has be...

CVE-2022-37730

In ftcms 2.1, there is a Cross Site Request Forgery CSRF vulnerability in the PHP page, which causes the attacker to forge a link to trick him to click on a malicious link or visit a page containing attack code, and send a request to the server corresponding to the identity authentication...

PT-2022-24053 · Ftcms · Ftcms

Name of the Vulnerable Software and Affected Versions: ftcms version 2.1 Description: The issue allows an attacker to insert malicious JavaScript code into the web page, causing the user or administrator to trigger malicious code when accessing. This is a result of a XSS vulnerability in the...

PT-2022-24052 · Ftcms · Ftcms

Name of the Vulnerable Software and Affected Versions: ftcms version 2.1 Description: The issue is related to a Cross Site Request Forgery CSRF vulnerability in the PHP page. This vulnerability allows an attacker to forge a link, tricking the victim into clicking on a malicious link or visiting a...