Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flatcore flatcore vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-40555
Cross site scripting (XSS) vulnerability in flatCore-CMS 2.2.15 allows malicious users to execute arbitrary code via description field on the new page creation form.
Flatcore Flatcore 2.0.7
NA
CVE-2022-43118
A cross-site scripting (XSS) vulnerability in flatCore-CMS v2.1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Username text field.
Flatcore Flatcore-cms 2.1.0
6.5
CVSSv2
CVE-2021-41402
flatCore-CMS v2.0.8 has a code execution vulnerability, which could let a remote malicious user execute arbitrary PHP code.
Flatcore Flatcore-cms 2.0.8
7.5
CVSSv2
CVE-2021-41403
flatCore-CMS version 2.0.8 calls dangerous functions, causing server-side request forgery vulnerabilities.
Flatcore Flatcore-cms 2.0.8
3.5
CVSSv2
CVE-2021-40902
flatCore-CMS version 2.0.8 is affected by Cross Site Scripting (XSS) in the "Create New Page" option through the index page.
Flatcore Flatcore-cms 2.0.8
4.3
CVSSv2
CVE-2021-42245
FlatCore-CMS 2.0.9 has a cross-site scripting (XSS) vulnerability in pages.edit.php through meta tags and content sections.
Flatcore Flatcore-cms 2.0.9
6
CVSSv2
CVE-2021-3745
flatcore-cms is vulnerable to Unrestricted Upload of File with Dangerous Type
Flatcore Flatcore-cms
3.5
CVSSv2
CVE-2021-39609
Cross Site Scripting (XSS) vulnerability exiss in FlatCore-CMS 2.0.7 via the upload image function.
Flatcore Flatcore-cms 2.0.7
9
CVSSv2
CVE-2021-39608
Remote Code Execution (RCE) vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code.
Flatcore Flatcore-cms 2.0.7
3.5
CVSSv2
CVE-2021-23836
An issue exists in flatCore prior to 2.0.0 build 139. A stored XSS vulnerability was identified in the prefs_smtp_psw HTTP request body parameter for the acp interface. An admin user can inject malicious client-side script into the affected parameter without any form of input san...
Flatcore Flatcore
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »