Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2020-20796

Disclosure Date: September 30, 2021 (last updated February 23, 2025)
FlameCMS 3.3.5 contains a SQL injection vulnerability in /master/article.php via the "Id" parameter.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-20797

Disclosure Date: September 30, 2021 (last updated February 23, 2025)
FlameCMS 3.3.5 contains a time-based blind SQL injection vulnerability in /account/register.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-16309

Disclosure Date: September 14, 2019 (last updated November 27, 2024)
FlameCMS 3.3.5 has SQL injection in account/login.php via accountName.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0