Vulnerabilities > Flycms Project > Flycms
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-18 | CVE-2024-22592 | Cross-Site Request Forgery (CSRF) vulnerability in Flycms Project Flycms 1.0 FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_update | 8.8 |
2024-01-18 | CVE-2024-22593 | Cross-Site Request Forgery (CSRF) vulnerability in Flycms Project Flycms 1.0 FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/add_group_save | 8.8 |
2024-01-08 | CVE-2023-52072 | Cross-Site Request Forgery (CSRF) vulnerability in Flycms Project Flycms 1.0 FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/userconfig_updagte. | 8.8 |
2024-01-08 | CVE-2023-52073 | Cross-Site Request Forgery (CSRF) vulnerability in Flycms Project Flycms 1.0 FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/config_footer_updagte. | 8.8 |
2024-01-08 | CVE-2023-52074 | Cross-Site Request Forgery (CSRF) vulnerability in Flycms Project Flycms 1.0 FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component system/site/webconfig_updagte. | 8.8 |
2024-01-01 | CVE-2024-21732 | Cross-site Scripting vulnerability in Flycms Project Flycms 1.0 FlyCms through abbaa5a allows XSS via the permission management feature. | 6.1 |
2023-05-08 | CVE-2020-36065 | Cross-Site Request Forgery (CSRF) vulnerability in Flycms Project Flycms 1.0 Cross Site Request Forgery (CSRF) vulnerability in FlyCms 1.0 allows attackers to add arbitrary administrator accounts via system/admin/admin_save. | 8.8 |
2021-04-01 | CVE-2020-19613 | Server-Side Request Forgery (SSRF) vulnerability in Flycms Project Flycms 20190503 Server Side Request Forgery (SSRF) vulnerability in saveUrlAs function in ImagesService.java in sunkaifei FlyCMS version 20190503. | 5.0 |