Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Frogcms Security Vulnerabilities

cve
cve

CVE-2018-10318

Frog CMS 0.9.5 has XSS via the admin/?/page/edit page[keywords] parameter, aka Edit Page Metadata.

4.8CVSS

4.9AI Score

0.001EPSS

2018-04-24 02:29 AM
28
cve
cve

CVE-2018-10319

Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit snippet[name] parameter, aka Edit Snippet.

4.8CVSS

4.8AI Score

0.001EPSS

2018-04-24 02:29 AM
28
cve
cve

CVE-2018-10320

Frog CMS 0.9.5 has XSS via the admin/?/layout/edit layout[name] parameter, aka Edit Layout.

4.8CVSS

4.9AI Score

0.001EPSS

2018-04-24 02:29 AM
23
cve
cve

CVE-2018-10321

Frog CMS 0.9.5 has a stored Cross Site Scripting Vulnerability via "Admin Site title" in Settings.

4.8CVSS

4.9AI Score

0.002EPSS

2018-04-24 06:29 AM
40
cve
cve

CVE-2018-10570

Frog CMS 0.9.5 has XSS in /install/index.php via the ['config']['admin_username'] field.

4.8CVSS

4.9AI Score

0.001EPSS

2018-04-30 04:29 PM
23
cve
cve

CVE-2018-10806

An issue was discovered in Frog CMS 0.9.5. There is a reflected Cross Site Scripting Vulnerability via the file[current_name] parameter to the admin/?/plugin/file_manager/rename URI. This can be used in conjunction with CSRF.

5.4CVSS

5.3AI Score

0.001EPSS

2018-05-08 07:29 AM
28
cve
cve

CVE-2018-16447

Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF.

8.8CVSS

8.6AI Score

0.003EPSS

2018-09-04 04:29 AM
21
cve
cve

CVE-2018-19844

FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, which is mishandled during an edit action, a related issue to CVE-2018-10319.

4.8CVSS

4.8AI Score

0.001EPSS

2018-12-31 03:29 PM
24
cve
cve

CVE-2020-25872

A vulnerability exists within the FileManagerController.php function in FrogCMS 0.9.5 which allows an attacker to perform a directory traversal attack via a GET request urlencode parameter.

4.9CVSS

5AI Score

0.001EPSS

2021-10-29 08:15 PM
22
cve
cve

CVE-2021-26794

Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file.

9.8CVSS

9.8AI Score

0.005EPSS

2021-09-23 05:15 PM
23
cve
cve

CVE-2024-42623

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/delete/1

8.8CVSS

7.2AI Score

0.001EPSS

2024-08-12 05:15 PM
25
cve
cve

CVE-2024-42624

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/delete/10.

8.8CVSS

7.2AI Score

0.001EPSS

2024-08-12 05:15 PM
25
cve
cve

CVE-2024-42625

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/add

8.8CVSS

7.2AI Score

0.001EPSS

2024-08-12 05:15 PM
27
cve
cve

CVE-2024-42626

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/add.

8.8CVSS

7.2AI Score

0.001EPSS

2024-08-12 05:15 PM
25
cve
cve

CVE-2024-42627

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/delete/3.

8.8CVSS

7.2AI Score

0.001EPSS

2024-08-12 05:15 PM
29
cve
cve

CVE-2024-42628

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/edit/3.

8.8CVSS

7.2AI Score

0.001EPSS

2024-08-12 04:15 PM
27
cve
cve

CVE-2024-42629

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/edit/10.

8.8CVSS

7.2AI Score

0.001EPSS

2024-08-12 04:15 PM
27
cve
cve

CVE-2024-42630

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/create_file.

8.8CVSS

7.2AI Score

0.001EPSS

2024-08-12 04:15 PM
26
cve
cve

CVE-2024-42631

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/edit/1.

8.8CVSS

7.2AI Score

0.001EPSS

2024-08-12 04:15 PM
29
cve
cve

CVE-2024-42632

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/add.

8.8CVSS

7.2AI Score

0.001EPSS

2024-08-12 04:15 PM
27