VYPR

FlameCMS

by FlameCMS

CVEs (3)

  • CVE-2020-20797CriSep 30, 2021
    risk 0.64cvss 9.8epss 0.01

    FlameCMS 3.3.5 contains a time-based blind SQL injection vulnerability in /account/register.php.

  • CVE-2020-20796CriSep 30, 2021
    risk 0.64cvss 9.8epss 0.01

    FlameCMS 3.3.5 contains a SQL injection vulnerability in /master/article.php via the "Id" parameter.

  • CVE-2019-16309CriSep 14, 2019
    risk 0.64cvss 9.8epss 0.05

    FlameCMS 3.3.5 has SQL injection in account/login.php via accountName.