221 matches found
CVE-2024-26491
A cross-site scripting XSS vulnerability in the Addon JD Flusity 'Media Gallery with description' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Gallery name text field...
CVE-2024-26489
A cross-site scripting XSS vulnerability in the Addon JD Flusity 'Social block links' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Profile Name text field...
CVE-2024-26489
A cross-site scripting XSS vulnerability in the Addon JD Flusity 'Social block links' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Profile Name text field...
Cross site scripting
A cross-site scripting XSS vulnerability in the Addon JD Simple module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field...
Cross site scripting
A cross-site scripting XSS vulnerability in the Addon JD Flusity 'Media Gallery with description' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Gallery name text field...
Cross site scripting
A cross-site scripting XSS vulnerability in the Addon JD Flusity 'Social block links' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Profile Name text field...
CVE-2024-23094
Flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery CSRF via the component /cover/addons/infomediagallery/action/editaddonpost.php...
flusity CMS Security Vulnerability
flusity CMS is a user-interactive interface solution that can be easily changed or added to code. A security vulnerability exists in flusity CMS version v2.33, which stems from the presence of a cross-site scripting XSS vulnerability that allows an attacker to execute arbitrary web script or HTML...
flusity CMS Security Vulnerability
flusity CMS is a user interactive interface solution where code can be easily changed or added. A security vulnerability exists in flusity CMS version v2.33, which was discovered to contain a cross-site request forgery CSRF vulnerability via the component /core/tools/updateplace.php...
CVE-2024-26445
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery CSRF via the component /core/tools/deleteplace.php...
CVE-2024-26490
The vulnerability CVE-2024-26490 affects flusity-CMS v2.33, specifically the Addon JD Simple module. The issue is a cross-site scripting (XSS) flaw exploitable through a crafted payload entered into the Title text field of the Addon JD Simple module. The documented impact is execution of arbitrar...
CVE-2024-26352
CVE-2024-26352 affects flusity-CMS v2.33. The vulnerability is a Cross-Site Request Forgery (CSRF) in the component /core/tools/add_places.php. The consolidated data describes a CSRF that can impact multiple security properties, with a CVSS 3.1 base score of 8.8 (HIGH) and UI required for exploit...
CVE-2024-26350
Summary: CVE-2024-26350 applies to flusity-CMS v2.33, where a Cross-Site Request Forgery (CSRF) was discovered in the component /core/tools/update_contact_form_settings.php. The issue is reported across multiple feeds (RH, NVD, OSV, CVE lists) with a CVSS v3.1 base score of 8.8 (HIGH; AV:N/AC:L/P...
flusity CMS Security Vulnerability
flusity CMS is a user interaction interface solution where code can be easily changed or added. A security vulnerability exists in flusity CMS version v2.33, which was discovered to contain a cross-site request forgery CSRF vulnerability via the component /core/tools/updatecontactformsettings.php...
CVE-2024-26491
A cross-site scripting XSS vulnerability in the Addon JD Flusity 'Media Gallery with description' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Gallery name text field...
CVE-2024-26490
A cross-site scripting XSS vulnerability in the Addon JD Simple module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field...
CVE-2024-26489
A cross-site scripting XSS vulnerability in the Addon JD Flusity 'Social block links' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Profile Name text field...
CVE-2024-26349
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery CSRF via the component /core/tools/deletetranslation.php...
CVE-2024-26350
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery CSRF via the component /core/tools/updatecontactformsettings.php...
flusity CMS Security Vulnerability
flusity CMS is a user interactive interface solution where code can be easily changed or added. A security vulnerability exists in flusity CMS version v2.33, which was discovered to contain a cross-site request forgery CSRF vulnerability via the component /core/tools/deleteplace.php...