221 matches found
CVE-2024-33442
An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the addpost.php component...
CVE-2024-31666
An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted script to the editaddonpost.php component...
CVE-2024-31666
An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted script to the editaddonpost.php component...
CVE-2024-32418
An issue in flusity CMS v2.33 allows a remote attacker to execute arbitrary code via the addaddon.php component...
CVE-2024-32418
An issue in flusity CMS v2.33 allows a remote attacker to execute arbitrary code via the addaddon.php component...
CVE-2024-32418
An issue in flusity CMS v2.33 allows a remote attacker to execute arbitrary code via the addaddon.php component...
CVE-2024-32418
CVE-2024-32418 describes a remote code execution in flusity CMS v2.33 via the add_addon.php component. The issue arises in that specific component, enabling a remote attacker with network access and no authentication to run arbitrary code with high impact on affected installations. Public details...
CVE-2024-31666
An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted script to the editaddonpost.php component...
CVE-2024-31666
CVE-2024-31666 affects flusity-CMS v2.33. The vulnerability allows a remote attacker to execute arbitrary code via a crafted script targeting the edit_addon_post.php component. Multiple connected sources (NVD, Red Hat, OSV, CVE listing, CNNVD, and vuln enrichment) describe the same issue, confirm...
CVE-2024-32418
An issue in flusity CMS v2.33 allows a remote attacker to execute arbitrary code via the addaddon.php component...
flusity CMS 安全漏洞
flusity CMS is a user interactive interface solution where code can be easily changed or added. A security vulnerability exists in flusity CMS version v.2.33, which originated from a vulnerability that allows remote attackers to execute arbitrary code by constructing the editaddonpost.php script...
PT-2024-24555 · Unknown · Flusity-Cms
Name of the Vulnerable Software and Affected Versions: flusity CMS version 2.33 Description: An issue in the software allows a remote attacker to execute arbitrary code via the add addon.php component. Recommendations: For version 2.33, consider disabling the add addon.php component until a patch...
CVE-2024-31666
An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted script to the editaddonpost.php component...
CVE-2024-27757
flusity CMS through 2.45 allows tools/addonsmodel.php Gallery Name XSS. The reporter indicates that this product "ceased its development as of February 2024."...
CVE-2024-27757
flusity CMS through 2.45 allows tools/addonsmodel.php Gallery Name XSS. The reporter indicates that this product "ceased its development as of February 2024."...
CVE-2024-27757
Flusity CMS
CVE-2024-27757
flusity CMS through 2.45 allows tools/addonsmodel.php Gallery Name XSS. The reporter indicates that this product "ceased its development as of February 2024."...
CVE-2024-27757
flusity CMS through 2.45 allows tools/addonsmodel.php Gallery Name XSS. The reporter indicates that this product "ceased its development as of February 2024."...
flusity CMS Security Vulnerability
flusity CMS is a user interaction interface solution where code can be easily changed or added. A security vulnerability exists in flusity CMS version 2.45 and earlier versions. An attacker could exploit this vulnerability to perform cross-site scripting attacks...
PT-2024-22025 · Unknown · Flusity-Cms
Name of the Vulnerable Software and Affected Versions: flusity CMS versions through 2.45 Description: The issue allows for XSS in the Gallery Name through the tools/addons model.php file. The product has ceased its development as of February 2024. Recommendations: For versions through 2.45, as a...