Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flatpress flatpress - vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2023-1148
Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress before 1.3.
Flatpress Flatpress
6.1
CVSSv3
CVE-2022-4820
A vulnerability classified as problematic has been found in FlatPress. This affects an unknown part of the file admin/panels/entry/admin.entry.list.php of the component Admin Area. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The...
Flatpress Flatpress -
6.1
CVSSv3
CVE-2022-4821
A vulnerability classified as problematic was found in FlatPress. This vulnerability affects the function onupload of the file admin/panels/uploader/admin.uploader.php of the component XML File Handler/MD File Handler. The manipulation leads to cross site scripting. The attack ca...
Flatpress Flatpress -
6.1
CVSSv3
CVE-2022-4822
A vulnerability, which was classified as problematic, has been found in FlatPress. This issue affects some unknown processing of the file setup/lib/main.lib.php of the component Setup. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name ...
Flatpress Flatpress -
9.8
CVSSv3
CVE-2022-4606
PHP Remote File Inclusion in GitHub repository flatpressblog/flatpress before 1.3.
Flatpress Flatpress
NA
CVE-2014-100036
Cross-site scripting (XSS) vulnerability in FlatPress 1.0.2 allows remote malicious users to inject arbitrary web script or HTML via the content parameter to the default URI.
Flatpress Flatpress 1.0.2
5.4
CVSSv3
CVE-2022-40047
Flatpress v1.2.1 exists to contain a reflected cross-site scripting (XSS) vulnerability via the page parameter at /flatpress/admin.php.
Flatpress Flatpress 1.2.1
7.2
CVSSv3
CVE-2022-40048
Flatpress v1.2.1 exists to contain a remote code execution (RCE) vulnerability in the Upload File function.
Flatpress Flatpress 1.2.1
4.8
CVSSv3
CVE-2020-35241
FlatPress 1.0.3 is affected by cross-site scripting (XSS) in the Blog Content component. This vulnerability can allow an malicious user to inject the XSS payload in Blog content via the admin panel. Each time any user will go to that blog page, the XSS triggers and the attacker c...
Flatpress Flatpress 1.0.3
NA
CVE-2008-4120
Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.804 allow remote malicious users to inject arbitrary web script or HTML via the (1) user or (2) pass parameter to login.php, or the (3) name parameter to contact.php.
Flatpress Flatpress 0.804
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »