7 matches found
CVE-2025-2593
FastCMS
CVE-2025-1332
FastCMS ≤ 0.1.5 is affected by a cross-site scripting vulnerability in the Template Menu component (file /fastcms.html#/template/menu). The issue arises from unknown code in that path and is exploitable remotely; exploit has been disclosed publicly. Public details across sources indicate no versi...
CVE-2022-4300
CVE-2022-4300 affects FastCMS, specifically the Template Handler’s /template/edit path. The vulnerability is described as a template injection resulting from manipulation of that file/endpoint, with remote initiation and public disclosure of exploits. Multiple connected sources corroborate a crit...
CVE-2023-1191
CVE-2023-1191 affects the fastcms ZIP File Handler, specifically the file path admin/TemplateController.java. Multiple connected sources describe a path traversal vulnerability that can be exploited remotely, with public disclosure of exploits. The initial descriptions note that the product does ...
CVE-2023-1111
FastCMS up to 0.1.5 is affected. The issue exists in the New Article Tab functionality where manipulating the Title argument triggers cross-site scripting. The attack can be performed remotely, and public exploits have been disclosed. No remediation details are provided in the referenced documents.
CVE-2024-7733
Summary: CVE-2024-7733 affects FastCMS up to version 0.1.5 in the New Article Category Page component. The issue enables cross-site scripting and can be exploited remotely; public disclosure is noted by multiple feeds (NVD, Red Hat, CVE listings, PT Security, CNNVD, etc.). The root cause is an un...
CVE-2026-26682
Summary: fastCMS prior to v0.1.6 contains a security issue in the PluginController.java that enables a local attacker to execute arbitrary code. Affected software/component: fastCMS (PluginController.java). Impact: local code execution with high impact (per CVSS) as described in referenced record...