Skip to main content

Frog Cms

9 CVEs product

Monthly

CVE-2019-1010235 MEDIUM POC This Month

Frog CMS 1.1 is affected by: Cross Site Scripting (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Frog Cms
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2019-6243 MEDIUM POC This Month

Frog CMS 0.9.5 allows XSS via the forgot password page (aka the /admin/?/login/forgot URI). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Frog Cms
NVD
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-20448 MEDIUM POC This Month

Frog CMS 0.9.5 has XSS via the Database name field to the /install/index.php URI. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Frog Cms
NVD GitHub Exploit-DB
CVSS 3.0
5.4
EPSS
1.7%
CVE-2018-16374 MEDIUM POC This Month

Frog CMS 0.9.5 has stored XSS via /admin/?/plugin/comment/settings. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Frog Cms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2018-16373 MEDIUM POC This Month

Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager/save. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Frog Cms
NVD GitHub
CVSS 3.0
4.9
EPSS
1.1%
CVE-2018-11098 HIGH POC This Week

An issue was discovered in Frog CMS 0.9.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Frog Cms
NVD GitHub
CVSS 3.0
7.2
EPSS
1.4%
CVE-2018-9992 MEDIUM POC This Month

Frog CMS 0.9.5 has XSS via the name field of a new "File" or "Directory" on the admin/?/plugin/file_manager/browse/ screen. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Frog Cms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-9991 MEDIUM POC This Month

Frog CMS 0.9.5 has XSS via the /admin/?/user/add Name or Username parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Frog Cms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-8908 HIGH POC This Week

An issue was discovered in /admin/?/user/add in Frog CMS 0.9.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Frog Cms
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
2.4%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Frog CMS 1.1 is affected by: Cross Site Scripting (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Frog Cms
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Frog CMS 0.9.5 allows XSS via the forgot password page (aka the /admin/?/login/forgot URI). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Frog Cms
NVD
EPSS 2% CVSS 5.4
MEDIUM POC This Month

Frog CMS 0.9.5 has XSS via the Database name field to the /install/index.php URI. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Frog Cms
NVD GitHub Exploit-DB
EPSS 1% CVSS 4.8
MEDIUM POC This Month

Frog CMS 0.9.5 has stored XSS via /admin/?/plugin/comment/settings. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Frog Cms
NVD GitHub
EPSS 1% CVSS 4.9
MEDIUM POC This Month

Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager/save. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Frog Cms
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

An issue was discovered in Frog CMS 0.9.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Frog Cms
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

Frog CMS 0.9.5 has XSS via the name field of a new "File" or "Directory" on the admin/?/plugin/file_manager/browse/ screen. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Frog Cms
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

Frog CMS 0.9.5 has XSS via the /admin/?/user/add Name or Username parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Frog Cms
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

An issue was discovered in /admin/?/user/add in Frog CMS 0.9.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Frog Cms
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy