Page 26 of 201 results (0.012 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2018-20778

https://notcve.org/view.php?id=CVE-2018-20778

admin/?/plugin/file_manager in Frog CMS 0.9.5 allows XSS by creating a new file containing a crafted attribute of an IMG element. admin/?/plugin/file_manager en Frog CMS 0.9.5 permiten Cross-Site Scripting (XSS) creando un nuevo archivo que contiene un atributo manipulado de un elemento IMG. • https://github.com/philippe/FrogCMS/issues/28 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2018-20776

https://notcve.org/view.php?id=CVE-2018-20776

Frog CMS 0.9.5 provides a directory listing for a /public request. Frog CMS 0.9.5 proporciona una lista de directorios para una petición /public. • https://github.com/philippe/FrogCMS/issues/21 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1

CVE-2018-20772

https://notcve.org/view.php?id=CVE-2018-20772

Frog CMS 0.9.5 allows PHP code execution via <?php to the admin/?/layout/edit/1 URI. Frog CMS 0.9.5 permite la ejecución de código PHP mediante un URI • https://github.com/philippe/FrogCMS/issues/24 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

CVE-2018-20777

https://notcve.org/view.php?id=CVE-2018-20777

Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit/1 Body field. Frog CMS 0.9.5 tiene Cross-Site Scripting (XSS) mediante el campo Body en admin/?/snippet/edit/1. • https://github.com/philippe/FrogCMS/issues/25 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1

CVE-2018-20773

https://notcve.org/view.php?id=CVE-2018-20773

Frog CMS 0.9.5 allows PHP code execution by visiting admin/?/page/edit/1 and inserting additional <?php lines. Frog CMS 0.9.5 permite la ejecución de código PHP visitando admin/?/page/edit/1 e insertando líneas • https://github.com/philippe/FrogCMS/issues/23 • CWE-94: Improper Control of Generation of Code ('Code Injection') •