Ferretcms Project Ferretcms — known CVE vulnerabilities
Every CVE whose affected-product data names Ferretcms Project Ferretcms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2015-1371 — CVSS 7.5 (high): Unrestricted file upload vulnerability in ferretCMS 1.0.4-alpha allows remote administrators to execute arbitrary code by uploading a file…
CVE-2015-1372 — CVSS 7.5 (high): SQL injection vulnerability in ferretCMS 1.0.4-alpha allows remote attackers to execute arbitrary SQL commands via the p parameter in an…
CVE-2015-1374 — CVSS 6.8 (medium): Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in ferretCMS 1.0.4-alpha allow remote attackers to hijack the…
CVE-2015-1373 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in admin.php in ferretCMS 1.0.4-alpha allow remote attackers to inject arbitrary web…