CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

36 matches found

NVD•added 2026/02/23 3:15 a.m.•10 views

CVE-2026-2965

A security flaw has been discovered in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.9. The affected element is an unknown function of the file /admin/SysModule/edit.html of the component System Extension Module. Performing a manipulation of the argument Title results in cross site scripting. The...

4.8CVSS0.00202EPSS

Exploits0References4

ATTACKERKB•added 2026/02/23 1:32 a.m.•6 views

CVE-2026-2965

4.8CVSS3.4AI score0.00202EPSS

Exploits0References4

CVE•added 2026/02/23 1:32 a.m.•9 views

CVE-2026-2965

Summary: CVE-2026-2965 affects 07FLYCMS, 07FLY-CMS and 07FlyCRM up to version 1.2.9. The vulnerability exists in the System Extension Module, specifically the /admin/SysModule/edit.html file, where manipulating the Title argument causes cross-site scripting (XSS). The issue can be triggered remot...

4.8CVSS3.5AI score0.00202EPSS

Exploits0References4

Cvelist•added 2026/02/23 1:32 a.m.•28 views

CVE-2026-2965 07FLYCMS/07FLY-CMS/07FlyCRM System Extension edit.html cross site scripting

4.8CVSS0.00202EPSS

Exploits0References4

Positive Technologies•added 2026/02/23 12:0 a.m.•6 views

PT-2026-21489

4.8CVSS3.3AI score0.00202EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2024-50163

Malicious code in bioql PyPI...

5.1CVSS4AI score0.00383EPSS

Exploits1References4

RedhatCVE•added 2025/09/21 1:25 p.m.•6 views

CVE-2025-10710

A flaw has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This affects an unknown part of the file /index.php. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been published and may be used. Thi...

5.3CVSS5.3AI score0.00339EPSS

Exploits0References1

NVD•added 2025/09/19 2:15 p.m.•6 views

CVE-2025-10712

A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This issue affects some unknown processing of the file /index.php/Login/login. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit has...

7.5CVSS0.00302EPSS

Exploits0References4

Vulnrichment•added 2025/09/19 1:32 p.m.•3 views

CVE-2025-10712 07FLYCMS/07FLY-CMS/07FlyCRM login sql injection

7.5CVSS7.2AI score0.00302EPSS

Exploits0References4

Cvelist•added 2025/09/19 1:32 p.m.•14 views

CVE-2025-10712 07FLYCMS/07FLY-CMS/07FlyCRM login sql injection

7.5CVSS0.00302EPSS

Exploits0References4

CVE•added 2025/09/19 1:32 p.m.•13 views

CVE-2025-10712

Affected software: 07FLYCMS, 07FLY-CMS, and 07FlyCRM (up to 20250831). Root cause: SQL injection via manipulation of the Username argument in /index.php/Login/login. Impact: remote attacker could exploit to access or manipulate data (concise impact stated in sources; no exact data impact quantifi...

7.5CVSS7.2AI score0.00302EPSS

Exploits0References4

NVD•added 2025/09/19 1:15 p.m.•5 views

CVE-2025-10710

5.3CVSS0.00339EPSS

Exploits0References4

CVE•added 2025/09/19 12:32 p.m.•16 views

CVE-2025-10711

The CVE-2025-10711 entry affects 07FLYCMS, 07FLY-CMS, and 07FlyCRM up to 20250831. The issue is a cross-site scripting vulnerability in the /index.php/sysmanage/Login file, caused by improper handling of the Name parameter. The attack can be performed remotely and the exploit has been publicly di...

5.3CVSS3.8AI score0.00339EPSS

Exploits0References4

Cvelist•added 2025/09/19 12:32 p.m.•11 views

CVE-2025-10710 07FLYCMS/07FLY-CMS/07FlyCRM index.php cross site scripting

5.3CVSS0.00339EPSS

Exploits0References4

Vulnrichment•added 2025/09/19 12:32 p.m.•4 views

CVE-2025-10710 07FLYCMS/07FLY-CMS/07FlyCRM index.php cross site scripting

5.3CVSS3.9AI score0.00339EPSS

Exploits0References4

CVE•added 2025/09/19 12:32 p.m.•10 views

CVE-2025-10710

CVE-2025-10710 affects 07FLYCMS, 07FLY-CMS, and 07FlyCRM up to 20250831. The flaw is an XSS in an unknown portion of /index.php caused by manipulation of the Name argument. It can be exploited remotely; exploit appears published. Affected products exist under multiple names; vendor did not respon...

5.3CVSS3.8AI score0.00339EPSS

Exploits0References4

Positive Technologies•added 2025/09/19 12:0 a.m.•5 views

PT-2025-38530

Name of the Vulnerable Software and Affected Versions 07FLYCMS, 07FLY-CMS, and 07FlyCRM versions up to 20250831 Description A cross-site scripting issue exists in 07FLYCMS, 07FLY-CMS, and 07FlyCRM. The vulnerability is located in the /index.php/sysmanage/Login file, where manipulation of the Name...

5.3CVSS3.9AI score0.00339EPSS

Exploits0References9

Positive Technologies•added 2025/09/19 12:0 a.m.•6 views

PT-2025-38536

Name of the Vulnerable Software and Affected Versions 07FLYCMS versions up to 20250831 07FLY-CMS versions up to 20250831 07FlyCRM versions up to 20250831 Description A SQL injection issue exists due to manipulation of the Username argument in the file /index.php/Login/login. The attack can be...

7.5CVSS7.3AI score0.00302EPSS

Exploits0References6

OSV•added 2025/07/06 9:15 a.m.•3 views

CVE-2025-7078

A vulnerability classified as problematic was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.3.9. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

5.3CVSS4.6AI score0.00249EPSS

Exploits1References4

RedhatCVE•added 2025/05/23 8:15 a.m.•3 views

CVE-2024-9903

A vulnerability classified as critical has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.0. This affects the function fileUpload of the file /admin/File/fileUpload. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The...

7.2CVSS6.9AI score0.00597EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by