CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

RedhatCVE•added 2025/05/23 9:35 a.m.•5 views

CVE-2024-22548

FlyCms 1.0 is vulnerable to Cross Site Scripting XSS in the system website settings website name section...

5.4CVSS6AI score0.00093EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 5:36 p.m.•7 views

CVE-2020-36065

Cross Site Request Forgery CSRF vulnerability in FlyCms 1.0 allows attackers to add arbitrary administrator accounts via system/admin/adminsave...

8.8CVSS7.1AI score0.00112EPSS

Exploits1

Positive Technologies•added 2024/02/01 12:0 a.m.•3 views

PT-2024-19621 · Flycms · Flycms

Name of the Vulnerable Software and Affected Versions: FlyCms version 1.0 Description: A Cross Site Request Forgery vulnerability allows a remote attacker to execute arbitrary code via the "system/article/category edit" component. This issue enables attackers to perform unauthorized actions on...

8.8CVSS7.6AI score0.01656EPSS

Exploits1References6

OSV•added 2024/01/18 3:15 p.m.•0 views

CVE-2024-22548

FlyCms 1.0 is vulnerable to Cross Site Scripting XSS in the system website settings website name section...

5.4CVSS5.8AI score0.00093EPSS

Exploits1References1

NVD•added 2024/01/18 3:15 p.m.•11 views

CVE-2024-22548

FlyCms 1.0 is vulnerable to Cross Site Scripting XSS in the system website settings website name section...

5.4CVSS5.3AI score0.00093EPSS

Exploits1References1

NVD•added 2024/01/18 3:15 p.m.•20 views

CVE-2024-22549

FlyCms 1.0 is vulnerable to Cross Site Scripting XSS in the email settings of the website settings section...

5.4CVSS5.3AI score0.00077EPSS

Exploits1References1

Prion•added 2024/01/18 3:15 p.m.•8 views

Cross site scripting

FlyCms 1.0 is vulnerable to Cross Site Scripting XSS in the email settings of the website settings section...

4.9CVSS6.3AI score0.00077EPSS

Exploits1References1Affected Software1

Prion•added 2024/01/18 3:15 p.m.•11 views

Cross site scripting

FlyCms 1.0 is vulnerable to Cross Site Scripting XSS in the system website settings website name section...

4.9CVSS6.3AI score0.00093EPSS

Exploits1References1Affected Software1

Positive Technologies•added 2024/01/18 12:0 a.m.•1 views

PT-2024-19481 · Flycms · Flycms

Name of the Vulnerable Software and Affected Versions: FlyCms version 1.0 Description: The issue is related to Cross Site Scripting XSS in the email settings of the website settings section. This allows for potential malicious script injection. Recommendations: For FlyCms version 1.0, as a...

5.4CVSS5.2AI score0.00077EPSS

Exploits1References4

Positive Technologies•added 2024/01/18 12:0 a.m.•2 views

PT-2024-19498 · Flycms · Flycms

Name of the Vulnerable Software and Affected Versions: FlyCms version 1.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. It occurs via the "/system/admin/add group save" API endpoint. This allows for potentially unauthorized actions to be performed on behalf of an...

8.8CVSS6.6AI score0.00076EPSS

Exploits1References4

Positive Technologies•added 2024/01/18 12:0 a.m.•1 views

PT-2024-19575 · Flycms · Flycms

Name of the Vulnerable Software and Affected Versions: FlyCms version 1.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. It can be exploited via the "/system/email/email conf updagte" API endpoint. This vulnerability allows an attacker to perform unauthorized actions o...

8.8CVSS8.6AI score0.00111EPSS

Exploits1References5