Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

108 matches found

OSV
OSVadded 2024/10/11 1:15 p.m.3 views

CVE-2024-9856

A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been rated as problematic. Affected by this issue is some unknown functionality of the component System Settings Page. The manipulation of the argument Login Interface Copyright leads to cross site scripting. The attack m...

4.8CVSS3.5AI score0.00383EPSS
Exploits1References4
Cvelist
Cvelistadded 2024/10/11 12:31 p.m.18 views

CVE-2024-9856 07FLYCMS/07FLY-CMS/07FlyCRM System Settings Page cross site scripting

A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been rated as problematic. Affected by this issue is some unknown functionality of the component System Settings Page. The manipulation of the argument Login Interface Copyright leads to cross site scripting. The attack m...

5.1CVSS0.00383EPSS
Exploits1References4
CVE
CVEadded 2024/10/11 12:31 p.m.50 views

CVE-2024-9856

CVE-2024-9856 affects 07FLYCMS/07FLY-CMS/07FlyCRM v1.3.8. A vulnerability in the System Settings Page, via manipulation of the Login Interface Copyright, enables cross-site scripting. The issue can be exploited remotely and the exploit has been disclosed publicly. Affected products are also refer...

5.1CVSS3.2AI score0.00383EPSS
Exploits1References4Affected Software2
Vulnrichment
Vulnrichmentadded 2024/10/11 12:31 p.m.14 views

CVE-2024-9856 07FLYCMS/07FLY-CMS/07FlyCRM System Settings Page cross site scripting

A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been rated as problematic. Affected by this issue is some unknown functionality of the component System Settings Page. The manipulation of the argument Login Interface Copyright leads to cross site scripting. The attack m...

5.1CVSS3.4AI score0.00383EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2024/10/11 12:31 p.m.11 views

CVE-2024-9855 07FLYCMS/07FLY-CMS/07FlyCRM Module Plug-In sysmodule_1 uploadFile unrestricted upload

A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadFile of the file /admin/SysModule/upload/ajaxmodel/upload/uploadfilepath/sysmodule1 of the component Module Plug-In Handler. The manipulation...

5.8CVSS4.8AI score0.00597EPSS
Exploits1References4
Cvelist
Cvelistadded 2024/10/11 12:31 p.m.21 views

CVE-2024-9855 07FLYCMS/07FLY-CMS/07FlyCRM Module Plug-In sysmodule_1 uploadFile unrestricted upload

A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadFile of the file /admin/SysModule/upload/ajaxmodel/upload/uploadfilepath/sysmodule1 of the component Module Plug-In Handler. The manipulation...

5.8CVSS0.00597EPSS
Exploits1References4
CVE
CVEadded 2024/10/11 12:31 p.m.45 views

CVE-2024-9855

CVE-2024-9855 affects 07FLYCMS/07FLY-CMS/07FlyCRM 1.3.8. The vulnerability lies in Module Plug-In Handler’s uploadFile (path /admin/SysModule/upload/ajaxmodel/upload/uploadfilepath/sysmodule_1), where manipulating the file argument enables unrestricted uploads. Exploitation is remote and publicly...

7.2CVSS4.8AI score0.00597EPSS
Exploits1References4Affected Software2
Positive Technologies
Positive Technologiesadded 2024/10/11 12:0 a.m.4 views

PT-2024-39891 · 07Flycms +1 · 07Flycms +1

Name of the Vulnerable Software and Affected Versions: 07FLYCMS version 1.3.8 07FLY-CMS version 1.3.8 07FlyCRM version 1.3.8 Description: A problem was found in the System Settings Page component, where the manipulation of the Login Interface Copyright argument leads to cross-site scripting. This...

5.1CVSS3.2AI score0.00383EPSS
Exploits1References7
Rows per page
Query Builder