Lucene search
+L
Xjd2020Fastcms

7 matches found

CVE
CVE
added 2025/03/21 2:31 p.m.95 views

CVE-2025-2593

FastCMS

6.5CVSS6.8AI score0.00303EPSS
Web
CVE
CVE
added 2025/02/16 12:31 a.m.65 views

CVE-2025-1332

FastCMS ≤ 0.1.5 is affected by a cross-site scripting vulnerability in the Template Menu component (file /fastcms.html#/template/menu). The issue arises from unknown code in that path and is exploitable remotely; exploit has been disclosed publicly. Public details across sources indicate no versi...

4.8CVSS3.7AI score0.00352EPSS
CVE
CVE
added 2022/12/06 12:0 a.m.56 views

CVE-2022-4300

CVE-2022-4300 affects FastCMS, specifically the Template Handler’s /template/edit path. The vulnerability is described as a template injection resulting from manipulation of that file/endpoint, with remote initiation and public disclosure of exploits. Multiple connected sources corroborate a crit...

8.8CVSS7.8AI score0.00793EPSS
CVE
CVE
added 2023/03/06 7:21 a.m.53 views

CVE-2023-1191

CVE-2023-1191 affects the fastcms ZIP File Handler, specifically the file path admin/TemplateController.java. Multiple connected sources describe a path traversal vulnerability that can be exploited remotely, with public disclosure of exploits. The initial descriptions note that the product does ...

7.2CVSS5.8AI score0.00908EPSS
CVE
CVE
added 2024/05/24 6:31 a.m.52 views

CVE-2023-1111

FastCMS up to 0.1.5 is affected. The issue exists in the New Article Tab functionality where manipulating the Title argument triggers cross-site scripting. The attack can be performed remotely, and public exploits have been disclosed. No remediation details are provided in the referenced documents.

5.1CVSS3.3AI score0.00321EPSS
CVE
CVE
added 2024/08/13 6:0 p.m.50 views

CVE-2024-7733

Summary: CVE-2024-7733 affects FastCMS up to version 0.1.5 in the New Article Category Page component. The issue enables cross-site scripting and can be exploited remotely; public disclosure is noted by multiple feeds (NVD, Red Hat, CVE listings, PT Security, CNNVD, etc.). The root cause is an un...

5.4CVSS3.8AI score0.00406EPSS
CVE
CVE
added 2026/02/26 12:0 a.m.16 views

CVE-2026-26682

Summary: fastCMS prior to v0.1.6 contains a security issue in the PluginController.java that enables a local attacker to execute arbitrary code. Affected software/component: fastCMS (PluginController.java). Impact: local code execution with high impact (per CVSS) as described in referenced record...

7.8CVSS6AI score0.00182EPSS