Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
finecms finecms vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2017-11198
Cross-site scripting (XSS) vulnerability in /application/lib/ajax/get_image.php in FineCMS through 2017-07-12 allows remote malicious users to inject arbitrary web script or HTML via the folder, id, or name parameter.
Finecms Project Finecms -
578
VMScore
CVE-2017-11200
SQL Injection exists in FineCMS through 2017-07-12 via the application/core/controller/excludes.php visitor_ip parameter.
Finecms Project Finecms -
383
VMScore
CVE-2017-11202
FineCMS through 2017-07-12 allows XSS in visitors.php because JavaScript in visited URLs is not restricted either during logging or during the reading of logs, a different vulnerability than CVE-2017-11180.
Finecms Project Finecms -
383
VMScore
CVE-2018-7476
controllers/admin/Linkage.php in dayrui FineCms 5.3.0 has Cross Site Scripting (XSS) via the id or lid parameter in a c=linkage,m=import request to admin.php, because the xss_clean protection mechanism is defeated by crafted input that lacks a '<' or '>'...
Finecms Finecms 5.3.0
605
VMScore
CVE-2018-18191
Cross-site request forgery (CSRF) vulnerability in /admin.php?c=member&m=edit&uid=1 in dayrui FineCms 5.4 allows remote malicious users to change the administrator's password.
Finecms Finecms 5.4
383
VMScore
CVE-2017-14194
The out function in controllers/member/Login.php in dayrui FineCms 5.0.11 has XSS related to the Referer HTTP header with Internet Explorer.
Finecms Project Finecms 5.0.11
383
VMScore
CVE-2017-14192
The checktitle function in controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the module field.
Finecms Project Finecms 5.0.11
383
VMScore
CVE-2017-1000429
rui Li finecms 5.0.10 is vulnerable to a reflected XSS in the file Weixin.php.
Finecms Project Finecms 5.0.10
383
VMScore
CVE-2017-14195
The call_msg function in controllers/Form.php in dayrui FineCms 5.0.11 might have XSS related to the Referer HTTP header with Internet Explorer.
Finecms Project Finecms 5.0.11
383
VMScore
CVE-2017-14193
The oauth function in controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the Referer HTTP header with Internet Explorer.
Finecms Project Finecms 5.0.11
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »