Lucene search

K

07Fly Security Vulnerabilities

cve
cve

CVE-2023-3058

A vulnerability was found in 07FLY CRM up to 1.2.0. It has been declared as problematic. This vulnerability affects unknown code of the component User Profile Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public ...

5.4CVSS

4.5AI Score

0.001EPSS

2023-06-02 01:15 PM
47
cve
cve

CVE-2023-5020

A vulnerability, which was classified as critical, has been found in 07FLY CRM V2. This issue affects some unknown processing of the file /index.php/sysmanage/Login/login_auth/ of the component Administrator Login Page. The manipulation of the argument account leads to sql injection. The attack may...

9.8CVSS

8.9AI Score

0.001EPSS

2023-09-17 05:15 AM
46
cve
cve

CVE-2024-57160

07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaTask/edit.html.

4.3CVSS

7.7AI Score

0.0005EPSS

2025-01-16 04:15 PM
25
cve
cve

CVE-2024-57161

07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/edit.html

4.3CVSS

7.7AI Score

0.0005EPSS

2025-01-16 04:15 PM
23
cve
cve

CVE-2024-9855

A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadFile of the file /admin/SysModule/upload/ajaxmodel/upload/uploadfilepath/sysmodule_1 of the component Module Plug-In Handler. The manipulation ...

4.7CVSS

4.8AI Score

0.0004EPSS

2024-10-11 01:15 PM
26
cve
cve

CVE-2024-9856

A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been rated as problematic. Affected by this issue is some unknown functionality of the component System Settings Page. The manipulation of the argument Login Interface Copyright leads to cross site scripting. The attack may...

2.4CVSS

3.2AI Score

0.0004EPSS

2024-10-11 01:15 PM
25