Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:fastcms:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Fastcms (86180b73-d35b-5055-a10e-4744e6501489) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-3177 |
vulnerable | 2026-06-08 07:23:08.389603 |
FastCMS JWT hard-coded key
MEDIUM (5)
A vulnerability was found in FastCMS 0.1.5. It has been declared as critical. This vulnerability affects unknown code of the component JWT Handler. The manipulation leads to use of hard-coded cryptographic key
. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
Published: 2025-04-03T20:00:12.170Z
Updated: 2025-04-03T20:35:32.064Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-2593 |
vulnerable | 2026-06-08 07:16:57.621945 |
FastCMS list sql injection
MEDIUM (6.3)
A vulnerability has been found in FastCMS up to 0.1.5 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /api/client/article/list. The manipulation of the argument orderBy leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-03-21T14:31:04.784Z
Updated: 2025-03-21T15:19:01.984Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-1332 |
vulnerable | 2026-06-08 07:08:36.398327 |
FastCMS Template Menu menu cross site scripting
LOW (2.4)
A vulnerability has been found in FastCMS up to 0.1.5 and classified as problematic. This vulnerability affects unknown code of the file /fastcms.html#/template/menu of the component Template Menu. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
Published: 2025-02-16T00:31:08.897Z
Updated: 2025-02-18T21:31:50.636Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-7733 |
vulnerable | 2026-06-08 06:58:23.308644 |
FastCMS New Article Category Page cross site scripting
LOW (3.5)
A vulnerability, which was classified as problematic, was found in FastCMS up to 0.1.5. Affected is an unknown function of the component New Article Category Page. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Published: 2024-08-13T18:00:11.066Z
Updated: 2024-08-13T18:44:31.529Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-1191 |
vulnerable | 2026-06-08 05:52:34.065851 |
fastcms ZIP File TemplateController.java path traversal
MEDIUM (4.7)
A vulnerability classified as problematic has been found in fastcms. This affects an unknown part of the file admin/TemplateController.java of the component ZIP File Handler. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The associated identifier of this vulnerability is VDB-222363.
Published: 2023-03-06T07:21:45.248Z
Updated: 2024-08-02T05:40:58.789Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-1111 |
vulnerable | 2026-06-08 05:52:33.905043 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-0651 |
vulnerable | 2026-06-08 05:52:32.175211 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.