Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Lfdycms Subscribe
Filtered by product Lei Feng Tv Cms
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-20602 1 Lfdycms 1 Lei Feng Tv Cms 2019-01-10 5.0 MEDIUM 7.5 HIGH
Lei Feng TV CMS (aka LFCMS) 3.8.6 allows full path disclosure via the /install.php?s=/1 URI.
CVE-2018-20603 1 Lfdycms 1 Lei Feng Tv Cms 2019-01-10 6.8 MEDIUM 8.8 HIGH
Lei Feng TV CMS (aka LFCMS) 3.8.6 allows admin.php?s=/Member/add.html CSRF.
CVE-2018-20604 1 Lfdycms 1 Lei Feng Tv Cms 2019-01-10 4.0 MEDIUM 4.9 MEDIUM
Lei Feng TV CMS (aka LFCMS) 3.8.6 allows Directory Traversal via crafted use of ..* in Template/edit/path URIs, as demonstrated by the admin.php?s=/Template/edit/path/*web*..*..*..*..*1.txt.html URI to read the 1.txt file.