Filtered by vendor Flycms Project
Subscribe
Total
19 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-22601 | 1 Flycms Project | 1 Flycms | 2025-06-20 | N/A | 8.8 HIGH |
|
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/scorerule_save
|
|||||
| CVE-2024-22591 | 1 Flycms Project | 1 Flycms | 2025-06-20 | N/A | 8.8 HIGH |
|
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_save.
|
|||||
| CVE-2024-22568 | 1 Flycms Project | 1 Flycms | 2025-06-20 | N/A | 8.8 HIGH |
|
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/del.
|
|||||
| CVE-2024-22549 | 1 Flycms Project | 1 Flycms | 2025-06-20 | N/A | 5.4 MEDIUM |
|
FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the email settings of the website settings section.
|
|||||
| CVE-2023-52074 | 1 Flycms Project | 1 Flycms | 2025-06-13 | N/A | 8.8 HIGH |
|
FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component system/site/webconfig_updagte.
|
|||||
| CVE-2024-22818 | 1 Flycms Project | 1 Flycms | 2025-06-09 | N/A | 8.8 HIGH |
|
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerbility via /system/site/filterKeyword_save
|
|||||
| CVE-2024-22817 | 1 Flycms Project | 1 Flycms | 2025-06-05 | N/A | 8.8 HIGH |
|
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_conf_updagte
|
|||||
| CVE-2024-22548 | 1 Flycms Project | 1 Flycms | 2025-06-05 | N/A | 5.4 MEDIUM |
|
FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the system website settings website name section.
|
|||||
| CVE-2024-22699 | 1 Flycms Project | 1 Flycms | 2025-06-05 | N/A | 8.8 HIGH |
|
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/update_group_save.
|
|||||
| CVE-2024-21732 | 1 Flycms Project | 1 Flycms | 2025-06-03 | N/A | 6.1 MEDIUM |
|
FlyCms through abbaa5a allows XSS via the permission management feature.
|
|||||
| CVE-2023-52073 | 1 Flycms Project | 1 Flycms | 2025-06-03 | N/A | 8.8 HIGH |
|
FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/config_footer_updagte.
|
|||||
| CVE-2024-22819 | 1 Flycms Project | 1 Flycms | 2025-06-02 | N/A | 8.8 HIGH |
|
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_templets_update.
|
|||||
| CVE-2024-22592 | 1 Flycms Project | 1 Flycms | 2025-06-02 | N/A | 8.8 HIGH |
|
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_update
|
|||||
| CVE-2023-52072 | 1 Flycms Project | 1 Flycms | 2025-04-17 | N/A | 8.8 HIGH |
|
FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/userconfig_updagte.
|
|||||
| CVE-2024-27694 | 1 Flycms Project | 1 Flycms | 2025-04-16 | N/A | 7.4 HIGH |
|
FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the /system/share/ztree_category_edit.
|
|||||
| CVE-2020-36065 | 1 Flycms Project | 1 Flycms | 2025-01-29 | N/A | 8.8 HIGH |
|
Cross Site Request Forgery (CSRF) vulnerability in FlyCms 1.0 allows attackers to add arbitrary administrator accounts via system/admin/admin_save.
|
|||||
| CVE-2024-22603 | 1 Flycms Project | 1 Flycms | 2024-11-21 | N/A | 8.8 HIGH |
|
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/links/add_link
|
|||||
| CVE-2024-22593 | 1 Flycms Project | 1 Flycms | 2024-11-21 | N/A | 8.8 HIGH |
|
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/add_group_save
|
|||||
| CVE-2020-19613 | 1 Flycms Project | 1 Flycms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Server Side Request Forgery (SSRF) vulnerability in saveUrlAs function in ImagesService.java in sunkaifei FlyCMS version 20190503.
|
|||||