Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
finecms vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-11585
dayrui FineCms 5.0.9 has remote PHP code execution via the param parameter in an action=cache request to libraries/Template.php, aka Eval Injection.
Finecms Finecms 5.0.9
4.3
CVSSv2
CVE-2017-10967
In FineCMS prior to 2017-07-06, application\core\controller\config.php allows XSS in the (1) key_name, (2) key_value, and (3) meaning parameters.
Finecms Project Finecms -
7.5
CVSSv2
CVE-2017-10968
In FineCMS through 2017-07-07, application\core\controller\template.php allows remote PHP code execution by placing the code after "<?php" in a route=template request.
Finecms Project Finecms -
4.3
CVSSv2
CVE-2017-10973
In FineCMS prior to 2017-07-06, application/lib/ajax/get_image_data.php has SSRF, related to requests for non-image files with a modified HTTP Host header.
Finecms Project Finecms
4.3
CVSSv2
CVE-2018-7476
controllers/admin/Linkage.php in dayrui FineCms 5.3.0 has Cross Site Scripting (XSS) via the id or lid parameter in a c=linkage,m=import request to admin.php, because the xss_clean protection mechanism is defeated by crafted input that lacks a '<' or '>'...
Finecms Finecms 5.3.0
4.3
CVSSv2
CVE-2017-1000429
rui Li finecms 5.0.10 is vulnerable to a reflected XSS in the file Weixin.php.
Finecms Project Finecms 5.0.10
4.3
CVSSv2
CVE-2017-13697
controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
Finecms Project Finecms 5.0.11
4.3
CVSSv2
CVE-2017-14192
The checktitle function in controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the module field.
Finecms Project Finecms 5.0.11
4.3
CVSSv2
CVE-2017-14194
The out function in controllers/member/Login.php in dayrui FineCms 5.0.11 has XSS related to the Referer HTTP header with Internet Explorer.
Finecms Project Finecms 5.0.11
4.3
CVSSv2
CVE-2017-14195
The call_msg function in controllers/Form.php in dayrui FineCms 5.0.11 might have XSS related to the Referer HTTP header with Internet Explorer.
Finecms Project Finecms 5.0.11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »