Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Frogcms
(Frogcms_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 22 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-08-12 | CVE-2024-42632 | FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/add. | Frogcms | 8.8 | ||
| 2024-08-12 | CVE-2024-42625 | FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/add | Frogcms | 8.8 | ||
| 2024-08-12 | CVE-2024-42626 | FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/add. | Frogcms | 8.8 | ||
| 2024-08-12 | CVE-2024-42627 | FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/delete/3. | Frogcms | 8.8 | ||
| 2018-05-08 | CVE-2018-10806 | An issue was discovered in Frog CMS 0.9.5. There is a reflected Cross Site Scripting Vulnerability via the file[current_name] parameter to the admin/?/plugin/file_manager/rename URI. This can be used in conjunction with CSRF. | Frogcms | 5.4 | ||
| 2018-12-31 | CVE-2018-19844 | FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, which is mishandled during an edit action, a related issue to CVE-2018-10319. | Frogcms | 4.8 | ||
| 2018-09-04 | CVE-2018-16447 | Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF. | Frogcms | 8.8 | ||
| 2018-04-30 | CVE-2018-10570 | Frog CMS 0.9.5 has XSS in /install/index.php via the ['config']['admin_username'] field. | Frogcms | 4.8 | ||
| 2018-04-24 | CVE-2018-10321 | Frog CMS 0.9.5 has a stored Cross Site Scripting Vulnerability via "Admin Site title" in Settings. | Frogcms | 4.8 | ||
| 2018-04-24 | CVE-2018-10320 | Frog CMS 0.9.5 has XSS via the admin/?/layout/edit layout[name] parameter, aka Edit Layout. | Frogcms | 4.8 |