Skip to main content

Facilemanager

5 CVEs product

Monthly

CVE-2026-30919 HIGH This Week

facileManager is a modular suite of web apps built with the sysadmin in mind. versions up to 6.0.4 is affected by cross-site scripting (xss) (CVSS 7.6).

XSS Facilemanager
NVD GitHub VulDB
CVSS 3.1
7.6
EPSS
0.0%
CVE-2026-30918 HIGH This Week

FacileManager versions prior to 6.0.4 contain a reflected cross-site scripting vulnerability in the fmDNS module's log_search_query parameter that allows authenticated attackers to inject malicious JavaScript through crafted URLs. An attacker with login credentials can exploit this to execute arbitrary scripts in users' browsers, potentially compromising sensitive administrative data or session tokens. No patch is currently available for affected deployments.

XSS Facilemanager
NVD GitHub VulDB
CVSS 3.1
7.6
EPSS
0.0%
CVE-2024-24573 HIGH POC PATCH This Week

facileManager is a modular suite of web apps built with the sysadmin in mind. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass PHP Facilemanager
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2024-24572 MEDIUM POC PATCH This Month

facileManager is a modular suite of web apps built with the sysadmin in mind. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi PHP Facilemanager
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-24571 MEDIUM POC PATCH This Month

facileManager is a modular suite of web apps built with the sysadmin in mind. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Facilemanager
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
EPSS 0% CVSS 7.6
HIGH This Week

facileManager is a modular suite of web apps built with the sysadmin in mind. versions up to 6.0.4 is affected by cross-site scripting (xss) (CVSS 7.6).

XSS Facilemanager
NVD GitHub VulDB
EPSS 0% CVSS 7.6
HIGH This Week

FacileManager versions prior to 6.0.4 contain a reflected cross-site scripting vulnerability in the fmDNS module's log_search_query parameter that allows authenticated attackers to inject malicious JavaScript through crafted URLs. An attacker with login credentials can exploit this to execute arbitrary scripts in users' browsers, potentially compromising sensitive administrative data or session tokens. No patch is currently available for affected deployments.

XSS Facilemanager
NVD GitHub VulDB
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

facileManager is a modular suite of web apps built with the sysadmin in mind. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass PHP Facilemanager
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

facileManager is a modular suite of web apps built with the sysadmin in mind. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi PHP Facilemanager
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC PATCH This Month

facileManager is a modular suite of web apps built with the sysadmin in mind. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Facilemanager
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy