Frog CMS 0.9.5 has XSS via the admin/?/page/edit page[keywords] parameter, aka Edit Page Metadata.
4.8CVSS
4.9AI Score
0.001EPSS
Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit snippet[name] parameter, aka Edit Snippet.
4.8CVSS
4.8AI Score
0.001EPSS
Frog CMS 0.9.5 has XSS via the admin/?/layout/edit layout[name] parameter, aka Edit Layout.
4.8CVSS
4.9AI Score
0.001EPSS
Frog CMS 0.9.5 has a stored Cross Site Scripting Vulnerability via "Admin Site title" in Settings.
4.8CVSS
4.9AI Score
0.002EPSS
Frog CMS 0.9.5 has XSS in /install/index.php via the ['config']['admin_username'] field.
4.8CVSS
4.9AI Score
0.001EPSS
An issue was discovered in Frog CMS 0.9.5. There is a reflected Cross Site Scripting Vulnerability via the file[current_name] parameter to the admin/?/plugin/file_manager/rename URI. This can be used in conjunction with CSRF.
5.4CVSS
5.3AI Score
0.001EPSS
8.8CVSS
8.6AI Score
0.003EPSS
FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, which is mishandled during an edit action, a related issue to CVE-2018-10319.
4.8CVSS
4.8AI Score
0.001EPSS
A vulnerability exists within the FileManagerController.php function in FrogCMS 0.9.5 which allows an attacker to perform a directory traversal attack via a GET request urlencode parameter.
4.9CVSS
5AI Score
0.001EPSS
Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file.
9.8CVSS
9.8AI Score
0.005EPSS
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/delete/1
8.8CVSS
7.2AI Score
0.001EPSS
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/delete/10.
8.8CVSS
7.2AI Score
0.001EPSS
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/add
8.8CVSS
7.2AI Score
0.001EPSS
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/add.
8.8CVSS
7.2AI Score
0.001EPSS
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/delete/3.
8.8CVSS
7.2AI Score
0.001EPSS
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/edit/3.
8.8CVSS
7.2AI Score
0.001EPSS
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/edit/10.
8.8CVSS
7.2AI Score
0.001EPSS
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/create_file.
8.8CVSS
7.2AI Score
0.001EPSS
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/edit/1.
8.8CVSS
7.2AI Score
0.001EPSS
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/add.
8.8CVSS
7.2AI Score
0.001EPSS
FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/delete/123
8.8CVSS
7.2AI Score
0.001EPSS
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/?/user/add
8.8CVSS
7.2AI Score
0.001EPSS