Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flatcore flatcore vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-40555
Cross site scripting (XSS) vulnerability in flatCore-CMS 2.2.15 allows malicious users to execute arbitrary code via description field on the new page creation form.
Flatcore Flatcore 2.0.7
6.1
CVSSv3
CVE-2022-43118
A cross-site scripting (XSS) vulnerability in flatCore-CMS v2.1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Username text field.
Flatcore Flatcore-cms 2.1.0
8.8
CVSSv3
CVE-2021-41402
flatCore-CMS v2.0.8 has a code execution vulnerability, which could let a remote malicious user execute arbitrary PHP code.
Flatcore Flatcore-cms 2.0.8
9.8
CVSSv3
CVE-2021-41403
flatCore-CMS version 2.0.8 calls dangerous functions, causing server-side request forgery vulnerabilities.
Flatcore Flatcore-cms 2.0.8
5.4
CVSSv3
CVE-2021-40902
flatCore-CMS version 2.0.8 is affected by Cross Site Scripting (XSS) in the "Create New Page" option through the index page.
Flatcore Flatcore-cms 2.0.8
6.1
CVSSv3
CVE-2021-42245
FlatCore-CMS 2.0.9 has a cross-site scripting (XSS) vulnerability in pages.edit.php through meta tags and content sections.
Flatcore Flatcore-cms 2.0.9
6.6
CVSSv3
CVE-2021-3745
flatcore-cms is vulnerable to Unrestricted Upload of File with Dangerous Type
Flatcore Flatcore-cms
7.2
CVSSv3
CVE-2021-39608
Remote Code Execution (RCE) vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code.
Flatcore Flatcore-cms 2.0.7
5.4
CVSSv3
CVE-2021-39609
Cross Site Scripting (XSS) vulnerability exiss in FlatCore-CMS 2.0.7 via the upload image function.
Flatcore Flatcore-cms 2.0.7
4.8
CVSSv3
CVE-2021-23836
An issue exists in flatCore prior to 2.0.0 build 139. A stored XSS vulnerability was identified in the prefs_smtp_psw HTTP request body parameter for the acp interface. An admin user can inject malicious client-side script into the affected parameter without any form of input san...
Flatcore Flatcore
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »