Flycms Security Vulnerabilities and Issues — Flycms CVE List

Lucene search

Flycms ProjectFlycms

16 matches found

CVE•added 2024/01/01 8:15 a.m.•50 views

CVE-2024-21732

FlyCms through abbaa5a allows XSS via the permission management feature.

6.1CVSS5.9AI score0.00118EPSS

CVE•added 2024/01/18 4:15 p.m.•41 views

CVE-2024-22699

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/update_group_save.

8.8CVSS8.7AI score0.00154EPSS

CVE•added 2024/01/08 10:15 p.m.•36 views

CVE-2023-52074

FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component system/site/webconfig_updagte.

8.8CVSS8.8AI score0.0015EPSS

CVE•added 2024/01/08 10:15 p.m.•35 views

CVE-2023-52073

FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/config_footer_updagte.

8.8CVSS8.8AI score0.0015EPSS

CVE•added 2024/01/18 3:15 p.m.•35 views

CVE-2024-22568

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/del.

8.8CVSS8.7AI score0.00078EPSS

CVE•added 2024/01/18 5:15 p.m.•34 views

CVE-2024-22819

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_templets_update.

8.8CVSS8.7AI score0.00085EPSS

CVE•added 2024/01/18 3:15 p.m.•32 views

CVE-2024-22549

FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the email settings of the website settings section.

5.4CVSS5.3AI score0.00077EPSS

CVE•added 2024/01/18 3:15 p.m.•30 views

CVE-2024-22593

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/add_group_save

8.8CVSS8.8AI score0.00076EPSS

CVE•added 2024/01/18 5:15 p.m.•30 views

CVE-2024-22817

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_conf_updagte

8.8CVSS8.7AI score0.00085EPSS

CVE•added 2024/01/18 3:15 p.m.•29 views

CVE-2024-22548

FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the system website settings website name section.

5.4CVSS5.2AI score0.00071EPSS

CVE•added 2024/01/18 3:15 p.m.•29 views

CVE-2024-22591

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_save.

8.8CVSS8.7AI score0.00078EPSS

CVE•added 2024/01/18 3:15 p.m.•29 views

CVE-2024-22592

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_update

8.8CVSS8.7AI score0.00076EPSS

CVE•added 2024/01/08 10:15 p.m.•27 views

CVE-2023-52072

FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/userconfig_updagte.

8.8CVSS8.8AI score0.0015EPSS

CVE•added 2024/01/18 5:15 p.m.•25 views

CVE-2024-22601

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/scorerule_save

8.8CVSS8.7AI score0.00082EPSS

CVE•added 2024/01/18 5:15 p.m.•25 views

CVE-2024-22603

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/links/add_link

8.8CVSS8.7AI score0.00082EPSS

CVE•added 2024/01/18 5:15 p.m.•23 views

CVE-2024-22818

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerbility via /system/site/filterKeyword_save

8.8CVSS8.7AI score0.00085EPSS