Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown
CVE-2017-11585
Disclosure Date: July 24, 2017 (last updated November 26, 2024)
dayrui FineCms 5.0.9 has remote PHP code execution via the param parameter in an action=cache request to libraries/Template.php, aka Eval Injection.
0
Attacker Value
Unknown
CVE-2017-11581
Disclosure Date: July 24, 2017 (last updated November 26, 2024)
dayrui FineCms 5.0.9 has Cross Site Scripting (XSS) in admin/Login.php via a payload in the username field that does not begin with a '<' character.
0
