Lucene search
+L

22 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.9 views

EUVD-2018-13153

Malware in sbrugna...

7.5CVSS7.6AI score0.01287EPSS
Exploits1References2
redhatcve
redhatcve
added 2025/05/22 7:44 a.m.9 views

CVE-2018-20603

Lei Feng TV CMS aka LFCMS 3.8.6 allows admin.php?s=/Member/add.html CSRF...

8.8CVSS7AI score0.00523EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 7:4 a.m.16 views

CVE-2018-20604

Lei Feng TV CMS aka LFCMS 3.8.6 allows Directory Traversal via crafted use of .. in Template/edit/path URIs, as demonstrated by the admin.php?s=/Template/edit/path/web........1.txt.html URI to read the 1.txt file...

4.9CVSS6.8AI score0.01369EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 6:39 a.m.9 views

CVE-2018-20602

Lei Feng TV CMS aka LFCMS 3.8.6 allows full path disclosure via the /install.php?s=/1 URI...

7.5CVSS6.9AI score0.01287EPSS
Exploits1References1
cnvd
cnvd
added 2018/12/31 12:0 a.m.6 views

LFCMS Directory Traversal Vulnerability

Lei Feng TV CMS aka LFCMS is a video-on-demand system developed using PHP and MySQL. LFCMS version 3.8.6 of http://www.a.com:84/admin.php?s=/Template/index.html页面存在目录遍历漏洞. An attacker can exploit this vulnerability with the help of the '...' sequence in the Template/edit/path URIs. ' sequence in...

4.9CVSS7AI score0.01369EPSS
Exploits1References1
cnvd
cnvd
added 2018/12/31 12:0 a.m.5 views

LFCMS Cross-Site Request Forgery Vulnerability (CNVD-2019-00992)

Lei Feng TV CMS aka LFCMS is a video-on-demand system developed using PHP and MySQL. A cross-site request forgery vulnerability exists in the admin.php?s=/Member/add.html page in LFCMS version 3.8.6. A remote attacker can exploit this vulnerability to perform unauthorized operations...

8.8CVSS7AI score0.00523EPSS
Exploits1References1
cnvd
cnvd
added 2018/12/31 12:0 a.m.5 views

LFCMS Information Disclosure Vulnerability

Lei Feng TV CMS aka LFCMS is a video-on-demand system developed using PHP and MySQL. A security vulnerability exists in LFCMS version 3.8.6. An attacker can exploit the vulnerability to disclose the full path with the help of /install.php?s=/1 URI...

7.5CVSS6.8AI score0.01287EPSS
Exploits1References1
osv
osv
added 2018/12/30 9:29 p.m.4 views

CVE-2018-20604

Lei Feng TV CMS aka LFCMS 3.8.6 allows Directory Traversal via crafted use of .. in Template/edit/path URIs, as demonstrated by the admin.php?s=/Template/edit/path/web........1.txt.html URI to read the 1.txt file...

4.9CVSS5.8AI score0.01369EPSS
Exploits1References1
prion
prion
added 2018/12/30 9:29 p.m.16 views

Directory traversal

Lei Feng TV CMS aka LFCMS 3.8.6 allows Directory Traversal via crafted use of .. in Template/edit/path URIs, as demonstrated by the admin.php?s=/Template/edit/path/web........1.txt.html URI to read the 1.txt file...

4CVSS5AI score0.01369EPSS
Exploits1References1Affected Software1
nvd
nvd
added 2018/12/30 9:29 p.m.21 views

CVE-2018-20603

Lei Feng TV CMS aka LFCMS 3.8.6 allows admin.php?s=/Member/add.html CSRF...

8.8CVSS8.7AI score0.00523EPSS
Exploits1References1
nvd
nvd
added 2018/12/30 9:29 p.m.25 views

CVE-2018-20604

Lei Feng TV CMS aka LFCMS 3.8.6 allows Directory Traversal via crafted use of .. in Template/edit/path URIs, as demonstrated by the admin.php?s=/Template/edit/path/web........1.txt.html URI to read the 1.txt file...

4.9CVSS5AI score0.01369EPSS
Exploits1References1
osv
osv
added 2018/12/30 9:29 p.m.6 views

CVE-2018-20603

Lei Feng TV CMS aka LFCMS 3.8.6 allows admin.php?s=/Member/add.html CSRF...

8.8CVSS5.8AI score0.00523EPSS
Exploits1References1
prion
prion
added 2018/12/30 9:29 p.m.17 views

Path traversal

Lei Feng TV CMS aka LFCMS 3.8.6 allows full path disclosure via the /install.php?s=/1 URI...

5CVSS7.5AI score0.01287EPSS
Exploits1References1Affected Software1
osv
osv
added 2018/12/30 9:29 p.m.5 views

CVE-2018-20602

Lei Feng TV CMS aka LFCMS 3.8.6 allows full path disclosure via the /install.php?s=/1 URI...

7.5CVSS5.8AI score0.01287EPSS
Exploits1References1
prion
prion
added 2018/12/30 9:29 p.m.19 views

Cross site request forgery (csrf)

Lei Feng TV CMS aka LFCMS 3.8.6 allows admin.php?s=/Member/add.html CSRF...

6.8CVSS8.7AI score0.00523EPSS
Exploits1References1Affected Software1
nvd
nvd
added 2018/12/30 9:29 p.m.16 views

CVE-2018-20602

Lei Feng TV CMS aka LFCMS 3.8.6 allows full path disclosure via the /install.php?s=/1 URI...

7.5CVSS7.5AI score0.01287EPSS
Exploits1References1
cvelist
cvelist
added 2018/12/30 9:0 p.m.26 views

CVE-2018-20603

Lei Feng TV CMS aka LFCMS 3.8.6 allows admin.php?s=/Member/add.html CSRF...

8.7AI score0.00523EPSS
Exploits1References1
cvelist
cvelist
added 2018/12/30 9:0 p.m.31 views

CVE-2018-20604

Lei Feng TV CMS aka LFCMS 3.8.6 allows Directory Traversal via crafted use of .. in Template/edit/path URIs, as demonstrated by the admin.php?s=/Template/edit/path/web........1.txt.html URI to read the 1.txt file...

5AI score0.01369EPSS
Exploits1References1
cve
cve
added 2018/12/30 9:0 p.m.36 views

CVE-2018-20602

CVE-2018-20602 affects Lei Feng TV CMS (LFCMS) 3.8.6. The vulnerability is an information disclosure via the URI /install.php?s=/1, resulting in full path disclosure. Multiple connected records corroborate this issue across sources (NVD entry, RH Red Hat advisory, CNVD/CNVD-2019-00991, PRION, etc...

7.5CVSS7.4AI score0.01287EPSS
Exploits1References1Affected Software1
cve
cve
added 2018/12/30 9:0 p.m.52 views

CVE-2018-20603

The CVE-2018-20603 entry concerns Lei Feng TV CMS (aka LFCMS) version 3.8.6, which is vulnerable to CSRF on the admin page admin.php?s=/Member/add.html. The root cause, as stated across connected records, is a cross-site request forgery vulnerability in the LFCMS 3.8.6 administrative interface, e...

8.8CVSS8.6AI score0.00523EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder