← Back

Kuaifan

kuaifan

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Kuaifancms
kuaifancms
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-3256
1Kuaifan
1Kuaifancms
Nov 21, 2024
Jun 11, 2021
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
KuaiFanCMS V5.x contains an arbitrary file read vulnerability in the html_url parameter of the chakanhtml.module.php file.
CVE-2019-14746
1Kuaifan
1Kuaifancms
Nov 21, 2024
Aug 7, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A issue was discovered in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request.