This is a technical writeup detailing multiple vulnerabilities in FineCMS 1.0, including Reflected XSS, Arbitrary File Modify, Authenticated SQL Injection, and Stored XSS. The analysis includes specific file paths, code snippets, and proof-of-concept examples.
Classification
Writeup 90%
Attack Type
Xss | Sqli | Other
Complexity
Moderate
Reliability
Reliable
Target:FineCMS 1.0
Auth required
Prerequisites:Access to the FineCMS application · Admin privileges for some exploits