Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Flycms
(Flycms_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 18 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-01-18 | CVE-2024-22817 | FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_conf_updagte | Flycms | 8.8 | ||
| 2024-01-01 | CVE-2024-21732 | FlyCms through abbaa5a allows XSS via the permission management feature. | Flycms | 6.1 | ||
| 2024-01-08 | CVE-2023-52073 | FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/config_footer_updagte. | Flycms | 8.8 | ||
| 2024-01-18 | CVE-2024-22592 | FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_update | Flycms | 8.8 | ||
| 2024-01-18 | CVE-2024-22819 | FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_templets_update. | Flycms | 8.8 | ||
| 2023-05-08 | CVE-2020-36065 | Cross Site Request Forgery (CSRF) vulnerability in FlyCms 1.0 allows attackers to add arbitrary administrator accounts via system/admin/admin_save. | Flycms | 8.8 | ||
| 2021-04-01 | CVE-2020-19613 | Server Side Request Forgery (SSRF) vulnerability in saveUrlAs function in ImagesService.java in sunkaifei FlyCMS version 20190503. | Flycms | 7.5 | ||
| 2024-01-08 | CVE-2023-52072 | FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/userconfig_updagte. | Flycms | 8.8 | ||
| 2024-01-18 | CVE-2024-22593 | FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/add_group_save | Flycms | 8.8 | ||
| 2024-01-18 | CVE-2024-22603 | FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/links/add_link | Flycms | 8.8 |