Vendor
FrogCMS
Products
2
CVEs
4
Across products
4
Status
Private
Products
2- 3 CVEs
- 1 CVE
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-4912 | Cri | 0.67 | 9.8 | 0.09 | Mar 22, 2018 | An Arbitrary File Upload issue was discovered in Frog CMS 0.9.5 due to lack of extension validation. | ||
| CVE-2022-24652 | 0.00 | — | 0.02 | Mar 10, 2022 | sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload. | |||
| CVE-2022-24651 | 0.00 | — | 0.02 | Mar 10, 2022 | sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload. | |||
| CVE-2021-26794 | 0.00 | — | 0.02 | Sep 23, 2021 | Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file. |
- risk 0.67cvss 9.8epss 0.09
An Arbitrary File Upload issue was discovered in Frog CMS 0.9.5 due to lack of extension validation.
- CVE-2022-24652Mar 10, 2022risk 0.00cvss —epss 0.02
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload.
- CVE-2022-24651Mar 10, 2022risk 0.00cvss —epss 0.02
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload.
- CVE-2021-26794Sep 23, 2021risk 0.00cvss —epss 0.02
Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file.