Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
finecms project finecms vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-11179
FineCMS through 2017-07-11 has stored XSS in route=admin when modifying user information, and in route=register when registering a user account.
Finecms Project Finecms -
6.5
CVSSv2
CVE-2017-11200
SQL Injection exists in FineCMS through 2017-07-12 via the application/core/controller/excludes.php visitor_ip parameter.
Finecms Project Finecms -
3.5
CVSSv2
CVE-2017-11201
application/core/controller/images.php in FineCMS through 2017-07-12 allows remote authenticated admins to conduct XSS attacks by uploading an image via a route=images action.
Finecms Project Finecms -
4.3
CVSSv2
CVE-2017-1000429
rui Li finecms 5.0.10 is vulnerable to a reflected XSS in the file Weixin.php.
Finecms Project Finecms 5.0.10
4.3
CVSSv2
CVE-2017-14192
The checktitle function in controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the module field.
Finecms Project Finecms 5.0.11
4.3
CVSSv2
CVE-2017-14193
The oauth function in controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the Referer HTTP header with Internet Explorer.
Finecms Project Finecms 5.0.11
4.3
CVSSv2
CVE-2017-14195
The call_msg function in controllers/Form.php in dayrui FineCms 5.0.11 might have XSS related to the Referer HTTP header with Internet Explorer.
Finecms Project Finecms 5.0.11
4.3
CVSSv2
CVE-2017-13697
controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
Finecms Project Finecms 5.0.11
7.5
CVSSv2
CVE-2017-11167
FineCMS 2.1.0 allows remote malicious users to execute arbitrary PHP code by using a URL Manager "Add Site" action to enter this code after a ', sequence in a domain name, as demonstrated by the ',phpinfo() input value.
Finecms Project Finecms 2.1.0
4.3
CVSSv2
CVE-2017-14194
The out function in controllers/member/Login.php in dayrui FineCms 5.0.11 has XSS related to the Referer HTTP header with Internet Explorer.
Finecms Project Finecms 5.0.11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »