Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
glfusion glfusion 1.7.9 vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2021-44935
glFusion CMS v1.7.9 is affected by an arbitrary user impersonation vulnerability in /public_html/comment.php. The attacker can complete the attack remotely without interaction.
Glfusion Glfusion 1.7.9
5.3
CVSSv3
CVE-2021-44937
glFusion CMS v1.7.9 is affected by an arbitrary user registration vulnerability in /public_html/users.php. An attacker can register with the mailbox of any user. When users want to register, they will find that the mailbox has been occupied.
Glfusion Glfusion 1.7.9
4.3
CVSSv3
CVE-2021-44942
glFusion CMS 1.7.9 is affected by a Cross Site Request Forgery (CSRF) vulnerability in /public_html/admin/plugins/bad_behavior2/blacklist.php. Using the CSRF vulnerability to trick the administrator to click, an attacker can add a blacklist.
Glfusion Glfusion 1.7.9
9.8
CVSSv3
CVE-2021-44949
glFusion CMS 1.7.9 is affected by an access control vulnerability via /public_html/users.php.
Glfusion Glfusion 1.7.9
6.1
CVSSv3
CVE-2021-45843
glFusion CMS v1.7.9 is affected by a reflected Cross Site Scripting (XSS) vulnerability. The value of the title request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. This input was echoed unmodified in the application...
Glfusion Glfusion 1.7.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started