CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Fiyo: >> Fiyo Cms >> 1.5.7 Security Vulnerabilities

CVE-2014-9147

Fiyo CMS 2.0.1.8 allows remote attackers to obtain sensitive information via a direct request to the database backup file in .backup/.

CVSS Score

7.5

EPSS Score

0.179

Published

2017-10-16

CVE-2014-9148

Fiyo CMS 2.0.1.8 allows remote attackers to bypass intended access restrictions and execute the (1) "Install and Update" or (2) Backup super administrator function via the view parameter in a direct request to fiyo/dapur.

CVSS Score

9.8

EPSS Score

0.242

Published

2017-10-16

CVE-2014-4032

Cross-site scripting (XSS) vulnerability in apps/app_comment/form_comment.php in Fiyo CMS 1.5.7 allows remote attackers to inject arbitrary web script or HTML via the Nama field.

CVSS Score

4.3

EPSS Score

0.003

Published

2014-06-11

Page 1

Vulnerabilities

Vulnerable Software

Fiyo: >> Fiyo Cms >> 1.5.7 Security Vulnerabilities

Products

Pricing

Contact Us