Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
talelin lin-cms-flask 0.1.1 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-18699
Cross Site Scripting (XSS) in Lin-CMS-Flask v0.1.1 allows remote malicious users to execute arbitrary code by entering scripts in the the 'Username' parameter of the in component 'app/api/cms/user.py'.
Talelin Lin-cms-flask 0.1.1
9.8
CVSSv3
CVE-2020-18698
Improper Authentication in Lin-CMS-Flask v0.1.1 allows remote malicious users to launch brute force login attempts without restriction via the 'login' function in the component 'app/api/cms/user.py'.
Talelin Lin-cms-flask 0.1.1
9.8
CVSSv3
CVE-2020-18701
Incorrect Access Control in Lin-CMS-Flask v0.1.1 allows remote malicious users to obtain sensitive information and/or gain privileges due to the application not invalidating a user's authentication token upon logout, which allows for replaying packets.
Talelin Lin-cms-flask 0.1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started