Vulnerabilities > Flintcms

DATE CVE VULNERABILITY TITLE RISK
2018-08-17 CVE-2018-3783 SQL Injection vulnerability in Flintcms
A privilege escalation detected in flintcms versions <= 1.1.9 allows account takeover due to blind MongoDB injection in password reset.
network
low complexity
flintcms CWE-89
7.5