Known Vulnerabilities for products from Frogcms Project
Listed below are 10 of the newest known vulnerabilities associated with the vendor "Frogcms Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-26794 json | Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file... | 9.8 - CRITICAL | 2021-09-23 | 2021-09-29 |
| CVE-2020-25872 json | A vulnerability exists within the FileManagerController.php function in FrogCMS 0.9.5 which allows an attacker to perform a d... | 4.9 - MEDIUM | 2021-10-29 | 2021-11-03 |
| CVE-2018-19844 json | FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, which is mishandled during an edit action, a related issue... | 4.8 - MEDIUM | 2018-12-31 | 2019-02-25 |
| CVE-2018-16447 json | Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF. | 8.8 - HIGH | 2018-09-04 | 2019-02-25 |
| CVE-2018-10806 json | An issue was discovered in Frog CMS 0.9.5. There is a reflected Cross Site Scripting Vulnerability via the file[current_name]... | 5.4 - MEDIUM | 2018-05-08 | 2020-08-24 |
| CVE-2018-10570 json | Frog CMS 0.9.5 has XSS in /install/index.php via the ['config']['admin_username'] field. | 4.8 - MEDIUM | 2018-04-30 | 2018-06-07 |
| CVE-2018-10321 json | Frog CMS 0.9.5 has a stored Cross Site Scripting Vulnerability via "Admin Site title" in Settings. | 4.8 - MEDIUM | 2018-04-24 | 2018-05-16 |
| CVE-2018-10320 json | Frog CMS 0.9.5 has XSS via the admin/?/layout/edit layout[name] parameter, aka Edit Layout. | 4.8 - MEDIUM | 2018-04-24 | 2018-05-16 |
| CVE-2018-10319 json | Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit snippet[name] parameter, aka Edit Snippet. | 4.8 - MEDIUM | 2018-04-24 | 2018-05-16 |
| CVE-2018-10318 json | Frog CMS 0.9.5 has XSS via the admin/?/page/edit page[keywords] parameter, aka Edit Page Metadata. | 4.8 - MEDIUM | 2018-04-24 | 2018-05-16 |
Known software with vulnerabilities from Frogcms Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Frogcms Project | Frogcms | 0.1.1 |