Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Flatcore\-Cms
(Flatcore)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 13 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-04-14 | CVE-2017-7878 | SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read and write to the users database. | Flatcore\-Cms | 9.8 | ||
| 2017-04-14 | CVE-2017-7877 | CSRF vulnerability in flatCore version 1.4.6 allows remote attackers to modify CMS configurations. | Flatcore\-Cms | 8.8 | ||
| 2018-01-10 | CVE-2017-1000428 | flatCore-CMS 1.4.6 is vulnerable to reflected XSS in user_management.php due to the use of $_SERVER['PHP_SELF'] to build links and a stored XSS in the admin log panel by specifying a malformed User-Agent string. | Flatcore\-Cms | 6.1 |