Flycms Security Vulnerabilities and Issues — Flycms CVE List

Lucene search

Flycms ProjectFlycms

15 matches found

CVE•added 2024/01/18 4:15 p.m.•41 views

CVE-2024-22699

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/update_group_save.

8.8CVSS8.7AI score0.00154EPSS

CVE•added 2024/01/08 10:15 p.m.•36 views

CVE-2023-52074

FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component system/site/webconfig_updagte.

8.8CVSS8.8AI score0.0015EPSS

CVE•added 2024/01/08 10:15 p.m.•35 views

CVE-2023-52073

FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/config_footer_updagte.

8.8CVSS8.8AI score0.0015EPSS

CVE•added 2024/01/18 3:15 p.m.•35 views

CVE-2024-22568

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/del.

8.8CVSS8.7AI score0.00078EPSS

CVE•added 2024/01/18 5:15 p.m.•34 views

CVE-2024-22819

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_templets_update.

8.8CVSS8.7AI score0.00085EPSS

CVE•added 2024/01/18 3:15 p.m.•30 views

CVE-2024-22593

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/add_group_save

8.8CVSS8.8AI score0.00076EPSS

CVE•added 2024/01/18 5:15 p.m.•30 views

CVE-2024-22817

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_conf_updagte

8.8CVSS8.7AI score0.00085EPSS

CVE•added 2024/01/18 3:15 p.m.•29 views

CVE-2024-22591

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_save.

8.8CVSS8.7AI score0.00078EPSS

CVE•added 2024/01/18 3:15 p.m.•29 views

CVE-2024-22592

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_update

8.8CVSS8.7AI score0.00076EPSS

CVE•added 2023/05/08 2:15 p.m.•28 views

CVE-2020-36065

Cross Site Request Forgery (CSRF) vulnerability in FlyCms 1.0 allows attackers to add arbitrary administrator accounts via system/admin/admin_save.

8.8CVSS8.7AI score0.0007EPSS

CVE•added 2024/02/29 1:44 a.m.•28 views

CVE-2024-22939

Cross Site Request Forgery vulnerability in FlyCms v.1.0 allows a remote attacker to execute arbitrary code via the system/article/category_edit component.

8.8CVSS7.8AI score0.02362EPSS

CVE•added 2024/01/08 10:15 p.m.•27 views

CVE-2023-52072

FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/userconfig_updagte.

8.8CVSS8.8AI score0.0015EPSS

CVE•added 2024/01/18 5:15 p.m.•25 views

CVE-2024-22601

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/scorerule_save

8.8CVSS8.7AI score0.00082EPSS

CVE•added 2024/01/18 5:15 p.m.•25 views

CVE-2024-22603

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/links/add_link

8.8CVSS8.7AI score0.00082EPSS

CVE•added 2024/01/18 5:15 p.m.•23 views

CVE-2024-22818

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerbility via /system/site/filterKeyword_save

8.8CVSS8.7AI score0.00085EPSS