FDCMS (aka Fangfa Content Management System) 4.0 contains a front-end SQL injection via Admin/Lib/Action/FloginAction.class.php.
9.8CVSS
9.8AI Score
0.002EPSS
FDCMS (also known as Fangfa Content Management System) 4.0 allows remote attackers to get a webshell in the background via Front/lib/Action/FindexAction.class.php.
9.8CVSS
9.2AI Score
0.008EPSS