Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
frog cms vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2014-4912
An Arbitrary File Upload issue exists in Frog CMS 0.9.5 due to lack of extension validation.
Frog Cms Project Frog Cms 0.9.5
1 EDB exploit
8.8
CVSSv3
CVE-2018-16447
Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF.
Frogcms Project Frogcms 0.9.5
8.8
CVSSv3
CVE-2018-8908
An issue exists in /admin/?/user/add in Frog CMS 0.9.5. The application's add user functionality suffers from CSRF. A malicious user can craft an HTML page and use it to trick a victim into clicking on it; once executed, a malicious user will be created with admin privileges...
Frog Cms Project Frog Cms 0.9.5
1 EDB exploit
7.5
CVSSv3
CVE-2018-20776
Frog CMS 0.9.5 provides a directory listing for a /public request.
Frog Cms Project Frog Cms 0.9.5
7.2
CVSSv3
CVE-2018-20775
admin/?/plugin/file_manager in Frog CMS 0.9.5 allows PHP code execution by creating a new .php file containing PHP code, and then visiting this file under the public/ URI.
Frog Cms Project Frog Cms 0.9.5
7.2
CVSSv3
CVE-2018-20772
Frog CMS 0.9.5 allows PHP code execution via <?php to the admin/?/layout/edit/1 URI.
Frog Cms Project Frog Cms 0.9.5
7.2
CVSSv3
CVE-2018-20773
Frog CMS 0.9.5 allows PHP code execution by visiting admin/?/page/edit/1 and inserting additional <?php lines.
Frog Cms Project Frog Cms 0.9.5
7.2
CVSSv3
CVE-2018-11098
An issue exists in Frog CMS 0.9.5. There is a file upload vulnerability via the admin/?/plugin/file_manager/upload URI, a similar issue to CVE-2014-4912.
Frog Cms Project Frog Cms 0.9.5
6.1
CVSSv3
CVE-2018-20778
admin/?/plugin/file_manager in Frog CMS 0.9.5 allows XSS by creating a new file containing a crafted attribute of an IMG element.
Frog Cms Project Frog Cms 0.9.5
6.1
CVSSv3
CVE-2019-6243
Frog CMS 0.9.5 allows XSS via the forgot password page (aka the /admin/?/login/forgot URI).
Frog Cms Project Frog Cms 0.9.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »