Filtered by vendor Ftcms
Subscriptions
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-37731 | 1 Ftcms | 1 Ftcms | 2024-08-03 | 6.1 Medium |
| ftcms 2.1 poster.PHP has a XSS vulnerability. The attacker inserts malicious JavaScript code into the web page, causing the user / administrator to trigger malicious code when accessing. | ||||
| CVE-2022-37730 | 1 Ftcms | 1 Ftcms | 2024-08-03 | 8.8 High |
| In ftcms 2.1, there is a Cross Site Request Forgery (CSRF) vulnerability in the PHP page, which causes the attacker to forge a link to trick him to click on a malicious link or visit a page containing attack code, and send a request to the server (corresponding to the identity authentication information) as the victim without the victim's knowledge. | ||||
| CVE-2022-30061 | 1 Ftcms | 1 Ftcms | 2024-08-03 | 6.5 Medium |
| ftcms <=2.1 was discovered to be vulnerable to directory traversal attacks via the parameter tp. | ||||
| CVE-2022-30060 | 1 Ftcms | 1 Ftcms | 2024-08-03 | 8.8 High |
| ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php | ||||
| CVE-2022-30062 | 1 Ftcms | 1 Ftcms | 2024-08-03 | 6.5 Medium |
| ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Read via tp.php | ||||
| CVE-2022-30063 | 1 Ftcms | 1 Ftcms | 2024-08-03 | 9.8 Critical |
| ftcms <=2.1 was discovered to be vulnerable to code execution attacks . | ||||
Page 1 of 1.