Shodan
Vulnerabilities
Vulnerable Software
Ftcms:  >> Ftcms  Security Vulnerabilities
CVE-2025-2133
A vulnerability classified as problematic was found in ftcms 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/index.php/news/edit. The manipulation of the argument title leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
2.4
EPSS Score
0.001
Published
2025-03-10
CVE-2025-2132
A vulnerability classified as critical has been found in ftcms 2.1. Affected is an unknown function of the file /admin/index.php/web/ajax_all_lists of the component Search. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
4.7
EPSS Score
0.0
Published
2025-03-09
CVE-2022-37730
In ftcms 2.1, there is a Cross Site Request Forgery (CSRF) vulnerability in the PHP page, which causes the attacker to forge a link to trick him to click on a malicious link or visit a page containing attack code, and send a request to the server (corresponding to the identity authentication information) as the victim without the victim's knowledge.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-09-07
CVE-2022-37731
ftcms 2.1 poster.PHP has a XSS vulnerability. The attacker inserts malicious JavaScript code into the web page, causing the user / administrator to trigger malicious code when accessing.
CVSS Score
6.1
EPSS Score
0.001
Published
2022-09-07
CVE-2022-30063
ftcms <=2.1 was discovered to be vulnerable to code execution attacks .
CVSS Score
9.8
EPSS Score
0.02
Published
2022-05-11
CVE-2022-30060
ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php
CVSS Score
8.8
EPSS Score
0.004
Published
2022-05-11
CVE-2022-30061
ftcms <=2.1 was discovered to be vulnerable to directory traversal attacks via the parameter tp.
CVSS Score
6.5
EPSS Score
0.005
Published
2022-05-11
CVE-2022-30062
ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Read via tp.php
CVSS Score
6.5
EPSS Score
0.004
Published
2022-05-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved