Lei Feng Tv Cms@3.8.6 Security Vulnerabilities and Issues — Lei Feng Tv Cms@3.8.6 CVE List

Lucene search

LfdycmsLei Feng Tv Cms3.8.6

3 matches found

CVE•added 2018/12/30 9:29 p.m.•32 views

CVE-2018-20603

Lei Feng TV CMS (aka LFCMS) 3.8.6 allows admin.php?s=/Member/add.html CSRF.

8.8CVSS8.6AI score0.00141EPSS

CVE•added 2018/12/30 9:29 p.m.•25 views

CVE-2018-20604

Lei Feng TV CMS (aka LFCMS) 3.8.6 allows Directory Traversal via crafted use of ..* in Template/edit/path URIs, as demonstrated by the admin.php?s=/Template/edit/path/web .... ..*..*1.txt.html URI to read the 1.txt file.

4.9CVSS5AI score0.00425EPSS

CVE•added 2018/12/30 9:29 p.m.•24 views

CVE-2018-20602

Lei Feng TV CMS (aka LFCMS) 3.8.6 allows full path disclosure via the /install.php?s=/1 URI.

7.5CVSS7.4AI score0.00316EPSS