Every CVE whose affected-product data names Fangfa Fdcms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2020-35441 — CVSS 9.8 (critical): FDCMS (aka Fangfa Content Management System) 4.0 contains a front-end SQL injection via Admin/Lib/Action/FloginAction.class.php.
CVE-2020-35442 — CVSS 9.8 (critical): FDCMS (also known as Fangfa Content Management System) 4.0 allows remote attackers to get a webshell in the background via…