A vulnerability has been found in flusity CMS and classified as critical. Affected by this vulnerability is the function handleFileUpload of the file core/tools/upload.php. The manipulation of the argument uploaded_file leads to unrestricted upload. The attack can be launched remotely. The exploit....
8.8CVSS
8.7AI Score
0.001EPSS
Cross Site Request Forgery (CSRF) vulnerability in flusity-CMS v.2.33, allows remote attackers to execute arbitrary code via the add_menu.php...
8.8CVSS
9.1AI Score
0.001EPSS
A vulnerability, which was classified as problematic, was found in flusity CMS. Affected is the function loadPostAddForm of the file core/tools/posts.php. The manipulation of the argument menu_id leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
4.8CVSS
4.9AI Score
0.001EPSS
A vulnerability, which was classified as problematic, has been found in flusity CMS. This issue affects the function loadPostAddForm of the file core/tools/posts.php. The manipulation of the argument edit_post_id leads to cross site scripting. The attack may be initiated remotely. The exploit has.....
4.8CVSS
4.9AI Score
0.001EPSS
A vulnerability was found in flusity CMS and classified as problematic. This issue affects the function loadCustomBlocCreateForm of the file /core/tools/customblock.php of the component Dashboard. The manipulation of the argument customblock_place leads to cross site scripting. The attack may be...
5.4CVSS
5.1AI Score
0.001EPSS
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
8.8CVSS
8.8AI Score
0.001EPSS
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
8.8CVSS
8.8AI Score
0.001EPSS
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
8.8CVSS
8.8AI Score
0.001EPSS
Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the delete_post...
8.8CVSS
8.8AI Score
0.001EPSS
Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the...
8.8CVSS
8.8AI Score
0.001EPSS
Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the update_post.php...
8.8CVSS
8.8AI Score
0.001EPSS