poropro/kuaifan

Releases0

Stars2

KuaiFanCMS V5.x手机建站系统

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-3256 ↗	Jun 11, 2021Friday, 11 June 2021, 20:15	6.5 MEDIUM	4 MEDIUM
KuaiFanCMS V5.x contains an arbitrary file read vulnerability in the html_url parameter of the chakanhtml.module.php file.
CVE-2019-14746 ↗	Aug 7, 2019Wednesday, 7 August 2019, 16:15	—	7.5 HIGH
A issue was discovered in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request.