frogcms_project CVE Vulnerabilities & Metrics

Focus on frogcms_project vulnerabilities and metrics.

Last updated: 08 Mar 2025, 23:25 UTC

About frogcms_project Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with frogcms_project. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total frogcms_project CVEs: 22
Earliest CVE date: 24 Apr 2018, 02:29 UTC
Latest CVE date: 19 Sep 2024, 14:15 UTC

Latest CVE reference: CVE-2024-46394

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 12

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical frogcms_project CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 1.95

Max CVSS: 7.5

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range Count
0.0-3.9 19
4.0-6.9 2
7.0-8.9 1
9.0-10.0 0

CVSS Distribution Chart

Top 5 Highest CVSS frogcms_project CVEs

These are the five CVEs with the highest CVSS scores for frogcms_project, sorted by severity first and recency.

All CVEs for frogcms_project

CVE-2024-46394 frogcms_project vulnerability CVSS: 0 19 Sep 2024, 14:15 UTC

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/?/user/add

CVE-2024-46086 frogcms_project vulnerability CVSS: 0 18 Sep 2024, 16:15 UTC

FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/delete/123

CVE-2024-42627 frogcms_project vulnerability CVSS: 0 12 Aug 2024, 17:15 UTC

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/delete/3.

CVE-2024-42626 frogcms_project vulnerability CVSS: 0 12 Aug 2024, 17:15 UTC

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/add.

CVE-2024-42625 frogcms_project vulnerability CVSS: 0 12 Aug 2024, 17:15 UTC

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/add

CVE-2024-42624 frogcms_project vulnerability CVSS: 0 12 Aug 2024, 17:15 UTC

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/delete/10.

CVE-2024-42623 frogcms_project vulnerability CVSS: 0 12 Aug 2024, 17:15 UTC

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/delete/1

CVE-2024-42632 frogcms_project vulnerability CVSS: 0 12 Aug 2024, 16:15 UTC

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/add.

CVE-2024-42631 frogcms_project vulnerability CVSS: 0 12 Aug 2024, 16:15 UTC

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/edit/1.

CVE-2024-42630 frogcms_project vulnerability CVSS: 0 12 Aug 2024, 16:15 UTC

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/create_file.

CVE-2024-42629 frogcms_project vulnerability CVSS: 0 12 Aug 2024, 16:15 UTC

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/edit/10.

CVE-2024-42628 frogcms_project vulnerability CVSS: 0 12 Aug 2024, 16:15 UTC

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/edit/3.

CVE-2020-25872 frogcms_project vulnerability CVSS: 4.0 29 Oct 2021, 20:15 UTC

A vulnerability exists within the FileManagerController.php function in FrogCMS 0.9.5 which allows an attacker to perform a directory traversal attack via a GET request urlencode parameter.

CVE-2021-26794 frogcms_project vulnerability CVSS: 7.5 23 Sep 2021, 17:15 UTC

Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file.

CVE-2018-19844 frogcms_project vulnerability CVSS: 3.5 31 Dec 2018, 15:29 UTC

FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, which is mishandled during an edit action, a related issue to CVE-2018-10319.

CVE-2018-16447 frogcms_project vulnerability CVSS: 6.8 04 Sep 2018, 04:29 UTC

Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF.

CVE-2018-10806 frogcms_project vulnerability CVSS: 3.5 08 May 2018, 07:29 UTC

An issue was discovered in Frog CMS 0.9.5. There is a reflected Cross Site Scripting Vulnerability via the file[current_name] parameter to the admin/?/plugin/file_manager/rename URI. This can be used in conjunction with CSRF.

CVE-2018-10570 frogcms_project vulnerability CVSS: 3.5 30 Apr 2018, 16:29 UTC

Frog CMS 0.9.5 has XSS in /install/index.php via the ['config']['admin_username'] field.

CVE-2018-10321 frogcms_project vulnerability CVSS: 3.5 24 Apr 2018, 06:29 UTC

Frog CMS 0.9.5 has a stored Cross Site Scripting Vulnerability via "Admin Site title" in Settings.

CVE-2018-10320 frogcms_project vulnerability CVSS: 3.5 24 Apr 2018, 02:29 UTC

Frog CMS 0.9.5 has XSS via the admin/?/layout/edit layout[name] parameter, aka Edit Layout.

CVE-2018-10319 frogcms_project vulnerability CVSS: 3.5 24 Apr 2018, 02:29 UTC

Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit snippet[name] parameter, aka Edit Snippet.

CVE-2018-10318 frogcms_project vulnerability CVSS: 3.5 24 Apr 2018, 02:29 UTC

Frog CMS 0.9.5 has XSS via the admin/?/page/edit page[keywords] parameter, aka Edit Page Metadata.