Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
finecms finecms vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-6511
andrzuk/FineCMS prior to 2017-03-06 is vulnerable to a reflected XSS in index.php because of missing validation of the action parameter in application/classes/application.php.
Finecms Project Finecms
4.3
CVSSv2
CVE-2017-10967
In FineCMS prior to 2017-07-06, application\core\controller\config.php allows XSS in the (1) key_name, (2) key_value, and (3) meaning parameters.
Finecms Project Finecms -
7.5
CVSSv2
CVE-2017-10968
In FineCMS through 2017-07-07, application\core\controller\template.php allows remote PHP code execution by placing the code after "<?php" in a route=template request.
Finecms Project Finecms -
4.3
CVSSv2
CVE-2017-10973
In FineCMS prior to 2017-07-06, application/lib/ajax/get_image_data.php has SSRF, related to requests for non-image files with a modified HTTP Host header.
Finecms Project Finecms
4.3
CVSSv2
CVE-2017-9252
andrzuk/FineCMS through 2017-05-28 is vulnerable to a reflected XSS in the search page via the text-search parameter to index.php in a route=search action.
Finecms Project Finecms -
4.3
CVSSv2
CVE-2017-13697
controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
Finecms Project Finecms 5.0.11
7.5
CVSSv2
CVE-2017-12774
finecms in 1.9.5\controllers\member\ContentController.php allows remote malicious users to operate website database
Finecms Project Finecms 1.9.5
4.3
CVSSv2
CVE-2017-14192
The checktitle function in controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the module field.
Finecms Project Finecms 5.0.11
4.3
CVSSv2
CVE-2017-14193
The oauth function in controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the Referer HTTP header with Internet Explorer.
Finecms Project Finecms 5.0.11
4.3
CVSSv2
CVE-2017-14194
The out function in controllers/member/Login.php in dayrui FineCms 5.0.11 has XSS related to the Referer HTTP header with Internet Explorer.
Finecms Project Finecms 5.0.11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »