07flycms Security Vulnerabilities and Issues — 07flycms CVE List

Lucene search

07fly07flycms

5 matches found

CVE•added 2025/02/28 11:15 p.m.•63 views

CVE-2025-25379

Cross Site Request Forgery vulnerability in 07FLYCMS v.1.3.9 allows a remote attacker to execute arbitrary code via the id parameter of the del.html component.

9.6CVSS8.1AI score0.00122EPSS

CVE•added 2024/11/08 9:15 p.m.•44 views

CVE-2024-51157

07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component http://erp.07fly.net:80/oa/OaSchedule/add.html.

4.7CVSS7.2AI score0.00036EPSS

CVE•added 2025/01/16 4:15 p.m.•42 views

CVE-2024-57159

07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/add.html.

3.5CVSS7.7AI score0.00026EPSS

CVE•added 2024/11/14 10:15 p.m.•39 views

CVE-2024-51156

07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component 'erp.07fly.net:80/admin/SysNotifyUser/del.html?id=93'.

4.7CVSS7.6AI score0.00036EPSS

CVE•added 2025/01/16 4:15 p.m.•39 views

CVE-2024-57611

07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/doAdminAction.php?act=editShop&shopId.

3.5CVSS7.2AI score0.00026EPSS