Vulnerabilities > Flatpress > Flatpress > 0.804
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-02 | CVE-2023-1146 | Cross-site Scripting vulnerability in Flatpress Cross-site Scripting (XSS) - Generic in GitHub repository flatpressblog/flatpress prior to 1.3. | 5.4 |
2023-03-02 | CVE-2023-1147 | Cross-site Scripting vulnerability in Flatpress Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3. | 5.4 |
2023-03-02 | CVE-2023-1148 | Cross-site Scripting vulnerability in Flatpress Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3. | 4.8 |
2023-03-02 | CVE-2023-1106 | Cross-site Scripting vulnerability in Flatpress Cross-site Scripting (XSS) - Reflected in GitHub repository flatpressblog/flatpress prior to 1.3. | 6.1 |
2023-03-02 | CVE-2023-1107 | Cross-site Scripting vulnerability in Flatpress Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3. | 5.4 |
2023-03-01 | CVE-2023-1104 | Cross-site Scripting vulnerability in Flatpress Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3. | 5.4 |
2023-03-01 | CVE-2023-1105 | External Control of File Name or Path vulnerability in Flatpress External Control of File Name or Path in GitHub repository flatpressblog/flatpress prior to 1.3. | 8.1 |
2023-02-22 | CVE-2023-0947 | Path Traversal vulnerability in Flatpress Path Traversal in GitHub repository flatpressblog/flatpress prior to 1.3. | 9.8 |
2008-09-29 | CVE-2008-4120 | Cross-Site Scripting vulnerability in Flatpress 0.804 Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.804 allow remote attackers to inject arbitrary web script or HTML via the (1) user or (2) pass parameter to login.php, or the (3) name parameter to contact.php. | 4.3 |