Lucene search
K
Fanli2012Native-php-cms

5 matches found

CVE
CVE
added 2025/01/15 8:31 p.m.71 views

CVE-2025-0487

The CVE-2025-0487 entry affects Fanli2012 native-php-cms 1.0. The vulnerable component is the file /fladmin/cat_edit.php, where manipulation of the id parameter enables SQL injection. Exploitation is described as possible remotely and publicly disclosed, indicating an active risk. Several connect...

9.8CVSS6.8AI score0.00495EPSS
Web
CVE
CVE
added 2025/01/15 10:0 p.m.66 views

CVE-2025-0491

Fanli2012 native-php-cms 1.0 contains a SQL injection flaw in an unknown function of /fladmin/cat_dodel.php triggered by manipulating the id parameter. The issue is exploitable remotely and an exploit has been disclosed publicly. Several sources list this CVE (CVE-2025-0491) with critical severit...

9.8CVSS6.8AI score0.00577EPSS
Web
CVE
CVE
added 2025/01/15 8:0 p.m.61 views

CVE-2025-0485

CVE-2025-0485 — Fanli2012 native-php-cms 1.0 is affected. An unknown function in /fladmin/sysconfig_doedit.php is susceptible to cross-site scripting via manipulation of the argument info. The vulnerability can be exploited remotely, and the exploit has been disclosed publicly. No remediation det...

6.1CVSS3.8AI score0.00314EPSS
Web
CVE
CVE
added 2025/01/15 8:0 p.m.58 views

CVE-2025-0484

Fanli2012 native-php-cms 1.0 Backend module vulnerability in the file /fladmin/sysconfig_doedit.php allows improper authorization. A remote attacker could exploit this, with public disclosure of the exploit noted in the CVE description. The issue is described across multiple sources (NVD, RHAC, C...

7.5CVSS7.3AI score0.00536EPSS
CVE
CVE
added 2025/01/15 8:31 p.m.56 views

CVE-2025-0486

CVE-2025-0486 affects Fanli2012 native-php-cms 1.0. The vulnerability lies in the /fladmin/login.php file, where manipulating the username parameter enables SQL injection. It is exploitable remotely and has been disclosed publicly. Multiple sources corroborate the issue with high impact across co...

9.8CVSS7.5AI score0.00499EPSS
Web