Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

108 matches found

Cvelist
Cvelistadded 2025/09/19 1:32 p.m.16 views

CVE-2025-10712 07FLYCMS/07FLY-CMS/07FlyCRM login sql injection

A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This issue affects some unknown processing of the file /index.php/Login/login. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit has...

7.5CVSS0.00302EPSS
Exploits0References4
CVE
CVEadded 2025/09/19 1:32 p.m.15 views

CVE-2025-10712

Affected software: 07FLYCMS, 07FLY-CMS, and 07FlyCRM (up to 20250831). Root cause: SQL injection via manipulation of the Username argument in /index.php/Login/login. Impact: remote attacker could exploit to access or manipulate data (concise impact stated in sources; no exact data impact quantifi...

7.5CVSS7.2AI score0.00302EPSS
Exploits0References4
NVD
NVDadded 2025/09/19 1:15 p.m.6 views

CVE-2025-10711

A vulnerability has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This vulnerability affects unknown code of the file /index.php/sysmanage/Login. Such manipulation of the argument Name leads to cross site scripting. The attack may be performed from remote. The exploit has been...

5.3CVSS0.00339EPSS
Exploits0References4
NVD
NVDadded 2025/09/19 1:15 p.m.11 views

CVE-2025-10710

A flaw has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This affects an unknown part of the file /index.php. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been published and may be used. Thi...

5.3CVSS0.00339EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/09/19 12:32 p.m.2 views

CVE-2025-10711 07FLYCMS/07FLY-CMS/07FlyCRM Login cross site scripting

A vulnerability has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This vulnerability affects unknown code of the file /index.php/sysmanage/Login. Such manipulation of the argument Name leads to cross site scripting. The attack may be performed from remote. The exploit has been...

5.3CVSS4AI score0.00339EPSS
Exploits0References4
CVE
CVEadded 2025/09/19 12:32 p.m.16 views

CVE-2025-10711

The CVE-2025-10711 entry affects 07FLYCMS, 07FLY-CMS, and 07FlyCRM up to 20250831. The issue is a cross-site scripting vulnerability in the /index.php/sysmanage/Login file, caused by improper handling of the Name parameter. The attack can be performed remotely and the exploit has been publicly di...

5.3CVSS3.8AI score0.00339EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/09/19 12:32 p.m.5 views

CVE-2025-10710 07FLYCMS/07FLY-CMS/07FlyCRM index.php cross site scripting

A flaw has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This affects an unknown part of the file /index.php. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been published and may be used. Thi...

5.3CVSS3.9AI score0.00339EPSS
Exploits0References4
CVE
CVEadded 2025/09/19 12:32 p.m.13 views

CVE-2025-10710

CVE-2025-10710 affects 07FLYCMS, 07FLY-CMS, and 07FlyCRM up to 20250831. The flaw is an XSS in an unknown portion of /index.php caused by manipulation of the Name argument. It can be exploited remotely; exploit appears published. Affected products exist under multiple names; vendor did not respon...

5.3CVSS3.8AI score0.00339EPSS
Exploits0References4
Cvelist
Cvelistadded 2025/09/19 12:32 p.m.14 views

CVE-2025-10710 07FLYCMS/07FLY-CMS/07FlyCRM index.php cross site scripting

A flaw has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This affects an unknown part of the file /index.php. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been published and may be used. Thi...

5.3CVSS0.00339EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/09/19 12:0 a.m.7 views

PT-2025-38536

Name of the Vulnerable Software and Affected Versions 07FLYCMS versions up to 20250831 07FLY-CMS versions up to 20250831 07FlyCRM versions up to 20250831 Description A SQL injection issue exists due to manipulation of the Username argument in the file /index.php/Login/login. The attack can be...

7.5CVSS7.3AI score0.00302EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2025/09/19 12:0 a.m.6 views

PT-2025-38530

Name of the Vulnerable Software and Affected Versions 07FLYCMS, 07FLY-CMS, and 07FlyCRM versions up to 20250831 Description A cross-site scripting issue exists in 07FLYCMS, 07FLY-CMS, and 07FlyCRM. The vulnerability is located in the /index.php/sysmanage/Login file, where manipulation of the Name...

5.3CVSS3.9AI score0.00339EPSS
Exploits0References9
RedhatCVE
RedhatCVEadded 2025/07/08 9:38 a.m.11 views

CVE-2025-7078

A vulnerability classified as problematic was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.3.9. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

5.3CVSS6.9AI score0.00249EPSS
Exploits1References1
OSV
OSVadded 2025/07/06 9:15 a.m.3 views

CVE-2025-7078

A vulnerability classified as problematic was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.3.9. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

5.3CVSS4.6AI score0.00249EPSS
Exploits1References4
NVD
NVDadded 2025/07/06 9:15 a.m.4 views

CVE-2025-7078

A vulnerability classified as problematic was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.3.9. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

5.3CVSS0.00249EPSS
Exploits1References4
Cvelist
Cvelistadded 2025/07/06 8:32 a.m.10 views

CVE-2025-7078 07FLYCMS/07FLY-CMS/07FlyCRM cross-site request forgery

A vulnerability classified as problematic was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.3.9. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

5.3CVSS0.00249EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2025/07/06 8:32 a.m.5 views

CVE-2025-7078 07FLYCMS/07FLY-CMS/07FlyCRM cross-site request forgery

A vulnerability classified as problematic was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.3.9. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

5.3CVSS4.5AI score0.00249EPSS
Exploits1References4
CVE
CVEadded 2025/07/06 8:32 a.m.25 views

CVE-2025-7078

CVE-2025-7078 affects 07FLYCMS, 07FLY-CMS and 07FlyCRM up to version 1.3.9. The issue is a cross-site request forgery (CSRF) in unknown code, exploitable remotely and with a publicly disclosed exploit. Several connected sources (Red Hat, NVD, PT Security) corroborate the CSRF nature and affected ...

5.3CVSS4.6AI score0.00249EPSS
Exploits1References4Affected Software2
Positive Technologies
Positive Technologiesadded 2025/07/06 12:0 a.m.4 views

PT-2025-28070 · 07Flycms +1 · 07Flycms +1

Name of the Vulnerable Software and Affected Versions: 07FLYCMS versions up to 1.3.9 07FLY-CMS versions up to 1.3.9 07FlyCRM versions up to 1.3.9 Description: A vulnerability was found in the software, affecting unknown code and leading to cross-site request forgery. The attack can be initiated...

5.3CVSS4.6AI score0.00249EPSS
Exploits1References10
RedhatCVE
RedhatCVEadded 2025/05/23 10:43 a.m.4 views

CVE-2024-9855

A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadFile of the file /admin/SysModule/upload/ajaxmodel/upload/uploadfilepath/sysmodule1 of the component Module Plug-In Handler. The manipulation...

7.2CVSS6.8AI score0.00597EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 10:43 a.m.3 views

CVE-2024-9856

A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been rated as problematic. Affected by this issue is some unknown functionality of the component System Settings Page. The manipulation of the argument Login Interface Copyright leads to cross site scripting. The attack m...

5.1CVSS6.1AI score0.00383EPSS
Exploits1References1
Rows per page
Query Builder