Vulnerability CVE-2017-10967

Vulnerability CVE-2017-10967

Published: 2017-07-06

Description:

In FineCMS before 2017-07-06, application\core\controller\config.php allows XSS in the (1) key_name, (2) key_value, and (3) meaning parameters.

Vendor: Finecms project

Product: Finecms

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Exploit range	Attack complexity	Authentication
Remote	Medium	No required
Confidentiality impact	Integrity impact	Availability impact
None	Partial	None

References:

https://github.com/andrzuk/FineCMS/pull/9

	Related CVE
CVE-2017-1000429	rui Li finecms 5.0.10 is vulnerable to a reflected XSS in the file Weixin.php.
CVE-2017-14195	The call_msg function in controllers/Form.php in dayrui FineCms 5.0.11 might have XSS related to the Referer HTTP header with Internet Explorer.
CVE-2017-14194	The out function in controllers/member/Login.php in dayrui FineCms 5.0.11 has XSS related to the Referer HTTP header with Internet Explorer.
CVE-2017-14193	The oauth function in controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the Referer HTTP header with Internet Explorer.
CVE-2017-14192	The checktitle function in controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the module field.
CVE-2017-13697	controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
CVE-2017-12774	finecms in 1.9.5\controllers\member\ContentController.php allows remote attackers to operate website database
CVE-2017-11202	FineCMS through 2017-07-12 allows XSS in visitors.php because JavaScript in visited URLs is not restricted either during logging or during the reading of logs, a different vulnerability than CVE-2017-11180.

Copyright 2018, cxsecurity.com