Fiyo Cms@2.0.1.8 Security Vulnerabilities and Issues — Fiyo Cms@2.0.1.8 CVE List

Lucene search

FiyoFiyo Cms2.0.1.8

3 matches found

CVE•added 2015/04/14 2:59 p.m.•48 views

CVE-2014-9145

Multiple SQL injection vulnerabilities in Fiyo CMS 2.0.1.8 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an edit action to dapur/index.php; (2) cat, (3) user, or (4) level parameter to dapur/apps/app_article/controller/article_list.php; or (5) email parameter ...

7.5CVSS10AI score0.01016EPSS

CVE•added 2015/04/14 2:59 p.m.•46 views

CVE-2014-9146

Multiple cross-site scripting (XSS) vulnerabilities in Fiyo CMS 2.0.1.8 allow remote attackers to inject arbitrary web script or HTML via the (1) view, (2) id, (3) page, or (4) app parameter to the default URI or the (5) act parameter to dapur/index.php.

4.3CVSS7.8AI score0.00434EPSS

CVE•added 2017/04/10 5:59 p.m.•46 views

CVE-2017-7625

In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the content parameter to "/dapur/apps/app_theme/libs/save_file.php" and then execute code.

9.8CVSS9.4AI score0.0146EPSS