VYPR

ftcms

by ftcms

CVEs (8)

  • CVE-2022-30063CriMay 11, 2022
    risk 0.65cvss 9.8epss 0.17

    ftcms <=2.1 was discovered to be vulnerable to code execution attacks .

  • CVE-2022-37730HigSep 7, 2022
    risk 0.57cvss 8.8epss 0.00

    In ftcms 2.1, there is a Cross Site Request Forgery (CSRF) vulnerability in the PHP page, which causes the attacker to forge a link to trick him to click on a malicious link or visit a page containing attack code, and send a request to the server (corresponding to the identity…

  • CVE-2022-30060HigMay 11, 2022
    risk 0.57cvss 8.8epss 0.01

    ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php

  • CVE-2022-30062MedMay 11, 2022
    risk 0.42cvss 6.5epss 0.01

    ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Read via tp.php

  • CVE-2022-30061MedMay 11, 2022
    risk 0.42cvss 6.5epss 0.01

    ftcms <=2.1 was discovered to be vulnerable to directory traversal attacks via the parameter tp.

  • CVE-2022-37731MedSep 7, 2022
    risk 0.40cvss 6.1epss 0.01

    ftcms 2.1 poster.PHP has a XSS vulnerability. The attacker inserts malicious JavaScript code into the web page, causing the user / administrator to trigger malicious code when accessing.

  • CVE-2025-2132MedMar 9, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability classified as critical has been found in ftcms 2.1. Affected is an unknown function of the file /admin/index.php/web/ajax_all_lists of the component Search. The manipulation of the argument name leads to sql injection. It is possible to launch the attack…

  • CVE-2025-2133LowMar 10, 2025
    risk 0.16cvss 2.4epss 0.00

    A vulnerability classified as problematic was found in ftcms 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/index.php/news/edit. The manipulation of the argument title leads to cross site scripting. The attack can be launched remotely. The…