Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:fastcms:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductFastcms (86180b73-d35b-5055-a10e-4744e6501489)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-3177 vulnerable 2026-06-08 07:23:08.389603 FastCMS JWT hard-coded key
MEDIUM (5)
A vulnerability was found in FastCMS 0.1.5. It has been declared as critical. This vulnerability affects unknown code of the component JWT Handler. The manipulation leads to use of hard-coded cryptographic key . The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
Published: 2025-04-03T20:00:12.170Z
Updated: 2025-04-03T20:35:32.064Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-2593 vulnerable 2026-06-08 07:16:57.621945 FastCMS list sql injection
MEDIUM (6.3)
A vulnerability has been found in FastCMS up to 0.1.5 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /api/client/article/list. The manipulation of the argument orderBy leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-03-21T14:31:04.784Z
Updated: 2025-03-21T15:19:01.984Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-1332 vulnerable 2026-06-08 07:08:36.398327 FastCMS Template Menu menu cross site scripting
LOW (2.4)
A vulnerability has been found in FastCMS up to 0.1.5 and classified as problematic. This vulnerability affects unknown code of the file /fastcms.html#/template/menu of the component Template Menu. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
Published: 2025-02-16T00:31:08.897Z
Updated: 2025-02-18T21:31:50.636Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-7733 vulnerable 2026-06-08 06:58:23.308644 FastCMS New Article Category Page cross site scripting
LOW (3.5)
A vulnerability, which was classified as problematic, was found in FastCMS up to 0.1.5. Affected is an unknown function of the component New Article Category Page. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Published: 2024-08-13T18:00:11.066Z
Updated: 2024-08-13T18:44:31.529Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-1191 vulnerable 2026-06-08 05:52:34.065851 fastcms ZIP File TemplateController.java path traversal
MEDIUM (4.7)
A vulnerability classified as problematic has been found in fastcms. This affects an unknown part of the file admin/TemplateController.java of the component ZIP File Handler. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The associated identifier of this vulnerability is VDB-222363.
Published: 2023-03-06T07:21:45.248Z
Updated: 2024-08-02T05:40:58.789Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-1111 vulnerable 2026-06-08 05:52:33.905043 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-0651 vulnerable 2026-06-08 05:52:32.175211 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.