Vulnerabilities > Glfusion

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-29	CVE-2021-45843	Cross-site Scripting vulnerability in Glfusion 1.7.9 glFusion CMS v1.7.9 is affected by a reflected Cross Site Scripting (XSS) vulnerability. network low complexity glfusion CWE-79	6.1
2021-12-14	CVE-2021-44942	Cross-Site Request Forgery (CSRF) vulnerability in Glfusion 1.7.9 glFusion CMS 1.7.9 is affected by a Cross Site Request Forgery (CSRF) vulnerability in /public_html/admin/plugins/bad_behavior2/blacklist.php. network low complexity glfusion CWE-352	4.3
2021-12-14	CVE-2021-44949	Authorization Bypass Through User-Controlled Key vulnerability in Glfusion 1.7.9 glFusion CMS 1.7.9 is affected by an access control vulnerability via /public_html/users.php. network low complexity glfusion CWE-639 critical	9.8
2021-12-14	CVE-2021-44935	Origin Validation Error vulnerability in Glfusion 1.7.9 glFusion CMS v1.7.9 is affected by an arbitrary user impersonation vulnerability in /public_html/comment.php. network low complexity glfusion CWE-346 critical	9.1
2021-12-14	CVE-2021-44937	Improper Authentication vulnerability in Glfusion 1.7.9 glFusion CMS v1.7.9 is affected by an arbitrary user registration vulnerability in /public_html/users.php. network low complexity glfusion CWE-287	5.3

Vulnerabilities > Glfusion {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Glfusion"}]}