VYPR
Vendor

Fanli2012

Products
2
CVEs
12
Across products
12
Status
Private

Products

2

Recent CVEs

12
  • CVE-2022-46493CriDec 22, 2022
    risk 0.64cvss 9.8epss 0.01

    Default version of nbnbk was discovered to contain an arbitrary file upload vulnerability via the component /api/User/download_img.

  • CVE-2025-0486HigJan 15, 2025
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was found in Fanli2012 native-php-cms 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /fladmin/login.php. The manipulation of the argument username leads to sql injection. The attack can be launched…

  • CVE-2025-0484HigJan 15, 2025
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was found in Fanli2012 native-php-cms 1.0 and classified as critical. This issue affects some unknown processing of the file /fladmin/sysconfig_doedit.php of the component Backend. The manipulation leads to improper authorization. The attack may be initiated…

  • CVE-2025-0482HigJan 15, 2025
    risk 0.47cvss 7.3epss 0.01

    A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file /fladmin/user_recoverpwd.php. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit…

  • CVE-2022-46492MedDec 23, 2022
    risk 0.42cvss 6.5epss 0.01

    nbnbk commit 879858451d53261d10f77d4709aee2d01c72c301 was discovered to contain an arbitrary file read vulnerability via the component /api/Index/getFileBinary.

  • CVE-2025-0491MedJan 15, 2025
    risk 0.41cvss 6.3epss 0.01

    A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. Affected is an unknown function of the file /fladmin/cat_dodel.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit…

  • CVE-2025-0490MedJan 15, 2025
    risk 0.41cvss 6.3epss 0.01

    A vulnerability, which was classified as critical, has been found in Fanli2012 native-php-cms 1.0. This issue affects some unknown processing of the file /fladmin/article_dodel.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely.…

  • CVE-2025-0489MedJan 15, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability classified as critical was found in Fanli2012 native-php-cms 1.0. This vulnerability affects unknown code of the file /fladmin/friendlink_dodel.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has…

  • CVE-2025-0488MedJan 15, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability classified as critical has been found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file product_list.php. The manipulation of the argument cat leads to sql injection. It is possible to initiate the attack remotely. The exploit has been…

  • CVE-2025-0487MedJan 15, 2025
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was found in Fanli2012 native-php-cms 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /fladmin/cat_edit.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The…

  • CVE-2025-0485LowJan 15, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was found in Fanli2012 native-php-cms 1.0. It has been classified as problematic. Affected is an unknown function of the file /fladmin/sysconfig_doedit.php. The manipulation of the argument info leads to cross site scripting. It is possible to launch the attack…

  • CVE-2025-0483LowJan 15, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability has been found in Fanli2012 native-php-cms 1.0 and classified as problematic. This vulnerability affects unknown code of the file /fladmin/jump.php. The manipulation of the argument message/error leads to cross site scripting. The attack can be initiated…