CVE-2025-10711 07FLYCMS/07FLY-CMS/07FlyCRM Login cross site scripting

A vulnerability has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This vulnerability affects unknown code of the file /index.php/sysmanage/Login. Such manipulation of the argument Name leads to cross site scripting. The attack may be performed from remote. The exploit has been...

CVE-2024-51157

07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery CSRF via the component http://erp.07fly.net:80/oa/OaSchedule/add.html...

CVE-2024-9904

A vulnerability classified as critical was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.0. This vulnerability affects the function pictureUpload of the file /admin/File/pictureUpload. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely...

07FLYCMS、07FLY-CMS和07FLY CRM 代码问题漏洞

07FLY CRM and so on are the products of China Zero Takeoff 07FLY company. 07FLY CRM is an OA office system. 07FLY-CMS is a free and open-source content management system. 07FLYCMS is a free and open-source content management system CMS, which can be used independently to meet the needs of all kin...

CVE-2024-22939

Cross Site Request Forgery vulnerability in FlyCms v.1.0 allows a remote attacker to execute arbitrary code via the system/article/categoryedit component...

CVE-2024-22818

FlyCms v1.0 contains a Cross-Site Request Forgery CSRF vulnerbility via /system/site/filterKeywordsave...