VYPR

FrogCMS

by FrogCMS

CVEs (15)

  • CVE-2021-26794CriSep 23, 2021
    risk 0.64cvss 9.8epss 0.02

    Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file.

  • CVE-2024-46086HigSep 18, 2024
    risk 0.57cvss 8.8epss 0.00

    FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/delete/123

  • CVE-2024-46362HigSep 17, 2024
    risk 0.57cvss 8.8epss 0.00

    FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/create_directory

  • CVE-2024-46085HigSep 17, 2024
    risk 0.57cvss 8.8epss 0.00

    FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/rename

  • CVE-2024-42627HigAug 12, 2024
    risk 0.57cvss 8.8epss 0.00

    FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/delete/3.

  • CVE-2024-42626HigAug 12, 2024
    risk 0.57cvss 8.8epss 0.00

    FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/add.

  • CVE-2024-42625HigAug 12, 2024
    risk 0.57cvss 8.8epss 0.00

    FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/add

  • CVE-2024-42624HigAug 12, 2024
    risk 0.57cvss 8.8epss 0.00

    FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/delete/10.

  • CVE-2024-42623HigAug 12, 2024
    risk 0.57cvss 8.8epss 0.00

    FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/delete/1

  • CVE-2024-42632HigAug 12, 2024
    risk 0.57cvss 8.8epss 0.00

    FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/add.

  • CVE-2024-42631HigAug 12, 2024
    risk 0.57cvss 8.8epss 0.00

    FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/edit/1.

  • CVE-2024-42630HigAug 12, 2024
    risk 0.57cvss 8.8epss 0.00

    FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/create_file.

  • CVE-2024-42629HigAug 12, 2024
    risk 0.57cvss 8.8epss 0.00

    FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/edit/10.

  • CVE-2024-42628HigAug 12, 2024
    risk 0.57cvss 8.8epss 0.00

    FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/edit/3.

  • CVE-2020-25872MedOct 29, 2021
    risk 0.32cvss 4.9epss 0.01

    A vulnerability exists within the FileManagerController.php function in FrogCMS 0.9.5 which allows an attacker to perform a directory traversal attack via a GET request urlencode parameter.