Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flatcore vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-40555
Cross site scripting (XSS) vulnerability in flatCore-CMS 2.2.15 allows malicious users to execute arbitrary code via description field on the new page creation form.
Flatcore Flatcore 2.0.7
NA
CVE-2022-43118
A cross-site scripting (XSS) vulnerability in flatCore-CMS v2.1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Username text field.
Flatcore Flatcore-cms 2.1.0
6.5
CVSSv2
CVE-2021-41402
flatCore-CMS v2.0.8 has a code execution vulnerability, which could let a remote malicious user execute arbitrary PHP code.
Flatcore Flatcore-cms 2.0.8
7.5
CVSSv2
CVE-2021-41403
flatCore-CMS version 2.0.8 calls dangerous functions, causing server-side request forgery vulnerabilities.
Flatcore Flatcore-cms 2.0.8
3.5
CVSSv2
CVE-2021-40902
flatCore-CMS version 2.0.8 is affected by Cross Site Scripting (XSS) in the "Create New Page" option through the index page.
Flatcore Flatcore-cms 2.0.8
4.3
CVSSv2
CVE-2021-42245
FlatCore-CMS 2.0.9 has a cross-site scripting (XSS) vulnerability in pages.edit.php through meta tags and content sections.
Flatcore Flatcore-cms 2.0.9
6
CVSSv2
CVE-2021-3745
flatcore-cms is vulnerable to Unrestricted Upload of File with Dangerous Type
Flatcore Flatcore-cms
3.5
CVSSv2
CVE-2021-39609
Cross Site Scripting (XSS) vulnerability exiss in FlatCore-CMS 2.0.7 via the upload image function.
Flatcore Flatcore-cms 2.0.7
9
CVSSv2
CVE-2021-39608
Remote Code Execution (RCE) vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code.
Flatcore Flatcore-cms 2.0.7
4
CVSSv2
CVE-2021-23837
An issue exists in flatCore prior to 2.0.0 build 139. A time-based blind SQL injection was identified in the selected_folder HTTP request body parameter for the acp interface. The affected parameter (which retrieves the file contents of the specified folder) was found to be accep...
Flatcore Flatcore
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »