Vulnerabilities > Flatcore > Flatcore CMS > 2.0.7

DATE CVE VULNERABILITY TITLE RISK
2021-10-28 CVE-2021-3745 Unspecified vulnerability in Flatcore Flatcore-Cms
flatcore-cms is vulnerable to Unrestricted Upload of File with Dangerous Type
network
high complexity
flatcore
6.6
2021-08-23 CVE-2021-39608 Unrestricted Upload of File with Dangerous Type vulnerability in Flatcore Flatcore-Cms 2.0.7
Remote Code Execution (RCE) vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code.
network
low complexity
flatcore CWE-434
7.2
2021-08-23 CVE-2021-39609 Cross-site Scripting vulnerability in Flatcore Flatcore-Cms 2.0.7
Cross Site Scripting (XSS) vulnerability exiss in FlatCore-CMS 2.0.7 via the upload image function.
network
low complexity
flatcore CWE-79
5.4