Known Vulnerabilities for products from Frogcms Project
Listed below are 10 of the newest known vulnerabilities associated with the vendor "Frogcms Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-26794 | Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file... | 9.8 - CRITICAL | 2021-09-23 | 2021-09-29 |
| CVE-2020-25872 | A vulnerability exists within the FileManagerController.php function in FrogCMS 0.9.5 which allows an attacker to perform a d... | 4.9 - MEDIUM | 2021-10-29 | 2021-11-03 |
| CVE-2018-19844 | FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, which is mishandled during an edit action, a related issue... | 4.8 - MEDIUM | 2018-12-31 | 2019-02-25 |
| CVE-2018-16447 | Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF. | 8.8 - HIGH | 2018-09-04 | 2019-02-25 |
| CVE-2018-10806 | An issue was discovered in Frog CMS 0.9.5. There is a reflected Cross Site Scripting Vulnerability via the file[current_name]... | 5.4 - MEDIUM | 2018-05-08 | 2020-08-24 |
| CVE-2018-10570 | Frog CMS 0.9.5 has XSS in /install/index.php via the ['config']['admin_username'] field. | 4.8 - MEDIUM | 2018-04-30 | 2018-06-07 |
| CVE-2018-10321 | Frog CMS 0.9.5 has a stored Cross Site Scripting Vulnerability via "Admin Site title" in Settings. | 4.8 - MEDIUM | 2018-04-24 | 2018-05-16 |
| CVE-2018-10320 | Frog CMS 0.9.5 has XSS via the admin/?/layout/edit layout[name] parameter, aka Edit Layout. | 4.8 - MEDIUM | 2018-04-24 | 2018-05-16 |
| CVE-2018-10319 | Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit snippet[name] parameter, aka Edit Snippet. | 4.8 - MEDIUM | 2018-04-24 | 2018-05-16 |
| CVE-2018-10318 | Frog CMS 0.9.5 has XSS via the admin/?/page/edit page[keywords] parameter, aka Edit Page Metadata. | 4.8 - MEDIUM | 2018-04-24 | 2018-05-16 |
Known software with vulnerabilities from Frogcms Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Frogcms Project | Frogcms | 0.1.1 |