Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
frog vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2018-9992
Frog CMS 0.9.5 has XSS via the name field of a new "File" or "Directory" on the admin/?/plugin/file_manager/browse/ screen.
Frog Cms Project Frog Cms 0.9.5
5.4
CVSSv3
CVE-2018-20448
Frog CMS 0.9.5 has XSS via the Database name field to the /install/index.php URI.
Frog Cms Project Frog Cms 0.9.5
6.1
CVSSv3
CVE-2019-6243
Frog CMS 0.9.5 allows XSS via the forgot password page (aka the /admin/?/login/forgot URI).
Frog Cms Project Frog Cms 0.9.5
9.8
CVSSv3
CVE-2014-4912
An Arbitrary File Upload issue exists in Frog CMS 0.9.5 due to lack of extension validation.
Frog Cms Project Frog Cms 0.9.5
1 EDB exploit
7.2
CVSSv3
CVE-2018-20773
Frog CMS 0.9.5 allows PHP code execution by visiting admin/?/page/edit/1 and inserting additional <?php lines.
Frog Cms Project Frog Cms 0.9.5
8.8
CVSSv3
CVE-2018-8908
An issue exists in /admin/?/user/add in Frog CMS 0.9.5. The application's add user functionality suffers from CSRF. A malicious user can craft an HTML page and use it to trick a victim into clicking on it; once executed, a malicious user will be created with admin privileges...
Frog Cms Project Frog Cms 0.9.5
1 EDB exploit
4.8
CVSSv3
CVE-2018-9991
Frog CMS 0.9.5 has XSS via the /admin/?/user/add Name or Username parameter.
Frog Cms Project Frog Cms 0.9.5
7.2
CVSSv3
CVE-2018-11098
An issue exists in Frog CMS 0.9.5. There is a file upload vulnerability via the admin/?/plugin/file_manager/upload URI, a similar issue to CVE-2014-4912.
Frog Cms Project Frog Cms 0.9.5
7.2
CVSSv3
CVE-2017-15949
Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the log_id parameter to admin/editgroup.php.
Angry-frog Xavier 2.4
6.1
CVSSv3
CVE-2019-14228
Xavier PHP Management Panel 3.0 is vulnerable to Reflected POST-based XSS via the username parameter when registering a new user at admin/includes/adminprocess.php. If there is an error when registering the user, the unsanitized username will reflect via the error page. Due to th...
Angry-frog Xavier 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »