5
I Use This!
Inactive
Analyzed 1 day ago. based on code collected 1 day ago.
 

Security

Vulnerabilities per Version

Learn more about BDSAs
 
 

Major Versions

1yr
3yr
5yr
10yr
All
click and drag to zoom
 
 
Security Vulnerabilities for Version:
Severities:
Type
Identifier Related Record Severity Date Published Description Versions Affected
CVE-2019-6243 Medium Jan 12, 2019 Frog CMS 0.9.5 allows XSS via the forgot password page (aka the /admin/?/login/forgot URI).
0.9.5
CVE-2018-9992 BDSA-2018-1143 Medium Apr 11, 2018 Frog CMS 0.9.5 has XSS via the name field of a new "File" or "Directory" on the admin/?/plugin/file_manager/browse/ screen.
0.9.5
CVE-2018-9991 BDSA-2018-1144 Medium Apr 11, 2018 Frog CMS 0.9.5 has XSS via the /admin/?/user/add Name or Username parameter.
0.9.5
CVE-2018-8908 BDSA-2018-0882 High Mar 31, 2018 An issue was discovered in /admin/?/user/add in Frog CMS 0.9.5. The application's add user functionality suffers from CSRF. A malicious user can craft more...
0.9.5
CVE-2018-20778 Medium Feb 11, 2019 admin/?/plugin/file_manager in Frog CMS 0.9.5 allows XSS by creating a new file containing a crafted attribute of an IMG element.
0.9.5
CVE-2018-20777 Medium Feb 11, 2019 Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit/1 Body field.
0.9.5
CVE-2018-20776 High Feb 11, 2019 Frog CMS 0.9.5 provides a directory listing for a /public request.
0.9.5
CVE-2018-20775 High Feb 11, 2019 admin/?/plugin/file_manager in Frog CMS 0.9.5 allows PHP code execution by creating a new .php file containing PHP code, and then visiting this file un more...
0.9.5
CVE-2018-20774 Medium Feb 11, 2019 Frog CMS 0.9.5 has XSS via the admin/?/layout/edit/1 Body field.
0.9.5
CVE-2018-20773 High Feb 11, 2019 Frog CMS 0.9.5 allows PHP code execution by visiting admin/?/page/edit/1 and inserting additional <?php lines.
0.9.5