VYPR

CMS

by Fiyo

CVEs (3)

  • CVE-2015-3934CriNov 21, 2017
    risk 0.67cvss 9.8epss 0.03

    Multiple SQL injection vulnerabilities in Fiyo CMS 2.0_1.9.1 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to apps/app_article/controller/rating.php or (2) user parameter to user/login.

  • CVE-2014-9146Apr 14, 2015
    risk 0.03cvss epss 0.03

    Multiple cross-site scripting (XSS) vulnerabilities in Fiyo CMS 2.0.1.8 allow remote attackers to inject arbitrary web script or HTML via the (1) view, (2) id, (3) page, or (4) app parameter to the default URI or the (5) act parameter to dapur/index.php.

  • CVE-2014-4032Jun 11, 2014
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in apps/app_comment/form_comment.php in Fiyo CMS 1.5.7 allows remote attackers to inject arbitrary web script or HTML via the Nama field.