Vulnerabilities > Flatcore > Flatcore > 1.5.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-15 | CVE-2021-23838 | Cross-site Scripting vulnerability in Flatcore An issue was discovered in flatCore before 2.0.0 build 139. | 3.5 |
| 2021-01-15 | CVE-2021-23837 | SQL Injection vulnerability in Flatcore An issue was discovered in flatCore before 2.0.0 build 139. | 4.0 |
| 2021-01-15 | CVE-2021-23836 | Cross-site Scripting vulnerability in Flatcore An issue was discovered in flatCore before 2.0.0 build 139. | 3.5 |
| 2021-01-15 | CVE-2021-23835 | Improper Input Validation vulnerability in Flatcore An issue was discovered in flatCore before 2.0.0 build 139. | 4.0 |
| 2020-08-09 | CVE-2020-17452 | Unrestricted Upload of File with Dangerous Type vulnerability in Flatcore flatCore before 1.5.7 allows upload and execution of a .php file by an admin. | 9.0 |
| 2020-08-09 | CVE-2020-17451 | Cross-site Scripting vulnerability in Flatcore flatCore before 1.5.7 allows XSS by an admin via the acp/acp.php?tn=pages&sub=edit&editpage=1 page_linkname, page_title, page_content, or page_extracontent parameter, or the acp/acp.php?tn=system&sub=sys_pref prefs_pagename, prefs_pagetitle, or prefs_pagesubtitle parameter. | 3.5 |