2 matches found
LFCMS Information Disclosure Vulnerability
Lei Feng TV CMS aka LFCMS is a video-on-demand system developed using PHP and MySQL. A security vulnerability exists in LFCMS version 3.8.6. An attacker can exploit the vulnerability to disclose the full path with the help of /install.php?s=/1 URI...
LFCMS Cross-Site Request Forgery Vulnerability (CNVD-2019-00992)
Lei Feng TV CMS aka LFCMS is a video-on-demand system developed using PHP and MySQL. A cross-site request forgery vulnerability exists in the admin.php?s=/Member/add.html page in LFCMS version 3.8.6. A remote attacker can exploit this vulnerability to perform unauthorized operations...