ftcms
by ftcms
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-30063 | Cri | 0.65 | 9.8 | 0.17 | May 11, 2022 | ftcms <=2.1 was discovered to be vulnerable to code execution attacks . | ||
| CVE-2022-37730 | Hig | 0.57 | 8.8 | 0.00 | Sep 7, 2022 | In ftcms 2.1, there is a Cross Site Request Forgery (CSRF) vulnerability in the PHP page, which causes the attacker to forge a link to trick him to click on a malicious link or visit a page containing attack code, and send a request to the server (corresponding to the identity… | ||
| CVE-2022-30060 | Hig | 0.57 | 8.8 | 0.01 | May 11, 2022 | ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php | ||
| CVE-2022-30062 | Med | 0.42 | 6.5 | 0.01 | May 11, 2022 | ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Read via tp.php | ||
| CVE-2022-30061 | Med | 0.42 | 6.5 | 0.01 | May 11, 2022 | ftcms <=2.1 was discovered to be vulnerable to directory traversal attacks via the parameter tp. | ||
| CVE-2022-37731 | Med | 0.40 | 6.1 | 0.01 | Sep 7, 2022 | ftcms 2.1 poster.PHP has a XSS vulnerability. The attacker inserts malicious JavaScript code into the web page, causing the user / administrator to trigger malicious code when accessing. | ||
| CVE-2025-2132 | Med | 0.31 | 4.7 | 0.00 | Mar 9, 2025 | A vulnerability classified as critical has been found in ftcms 2.1. Affected is an unknown function of the file /admin/index.php/web/ajax_all_lists of the component Search. The manipulation of the argument name leads to sql injection. It is possible to launch the attack… | ||
| CVE-2025-2133 | Low | 0.16 | 2.4 | 0.00 | Mar 10, 2025 | A vulnerability classified as problematic was found in ftcms 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/index.php/news/edit. The manipulation of the argument title leads to cross site scripting. The attack can be launched remotely. The… |
- risk 0.65cvss 9.8epss 0.17
ftcms <=2.1 was discovered to be vulnerable to code execution attacks .
- risk 0.57cvss 8.8epss 0.00
In ftcms 2.1, there is a Cross Site Request Forgery (CSRF) vulnerability in the PHP page, which causes the attacker to forge a link to trick him to click on a malicious link or visit a page containing attack code, and send a request to the server (corresponding to the identity…
- risk 0.57cvss 8.8epss 0.01
ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php
- risk 0.42cvss 6.5epss 0.01
ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Read via tp.php
- risk 0.42cvss 6.5epss 0.01
ftcms <=2.1 was discovered to be vulnerable to directory traversal attacks via the parameter tp.
- risk 0.40cvss 6.1epss 0.01
ftcms 2.1 poster.PHP has a XSS vulnerability. The attacker inserts malicious JavaScript code into the web page, causing the user / administrator to trigger malicious code when accessing.
- risk 0.31cvss 4.7epss 0.00
A vulnerability classified as critical has been found in ftcms 2.1. Affected is an unknown function of the file /admin/index.php/web/ajax_all_lists of the component Search. The manipulation of the argument name leads to sql injection. It is possible to launch the attack…
- risk 0.16cvss 2.4epss 0.00
A vulnerability classified as problematic was found in ftcms 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/index.php/news/edit. The manipulation of the argument title leads to cross site scripting. The attack can be launched remotely. The…