Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flatcore vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-41403
flatCore-CMS version 2.0.8 calls dangerous functions, causing server-side request forgery vulnerabilities.
Flatcore Flatcore-cms 2.0.8
9.8
CVSSv3
CVE-2017-7878
SQL Injection vulnerability in flatCore version 1.4.6 allows an malicious user to read and write to the users database.
Flatcore Flatcore-cms 1.4.6
8.8
CVSSv3
CVE-2021-41402
flatCore-CMS v2.0.8 has a code execution vulnerability, which could let a remote malicious user execute arbitrary PHP code.
Flatcore Flatcore-cms 2.0.8
8.8
CVSSv3
CVE-2019-13961
A CSRF vulnerability was found in flatCore prior to 1.5, leading to the upload of arbitrary .php files via acp/core/files.upload-script.php.
Flatcore Flatcore
8.8
CVSSv3
CVE-2017-7877
CSRF vulnerability in flatCore version 1.4.6 allows remote malicious users to modify CMS configurations.
Flatcore Flatcore-cms 1.4.6
7.5
CVSSv3
CVE-2017-8868
acp/core/files.browser.php in flatCore 1.4.7 allows file deletion via directory traversal in the delete parameter to acp/acp.php. The risk might be limited to requests submitted through CSRF.
Flatcore Flatcore-cms 1.4.7
7.5
CVSSv3
CVE-2017-7879
SQL Injection vulnerability in flatCore version 1.4.6 allows an malicious user to read the content database.
Flatcore Flatcore-cms 1.4.6
7.2
CVSSv3
CVE-2021-39608
Remote Code Execution (RCE) vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code.
Flatcore Flatcore-cms 2.0.7
7.2
CVSSv3
CVE-2020-17452
flatCore prior to 1.5.7 allows upload and execution of a .php file by an admin.
Flatcore Flatcore
7.2
CVSSv3
CVE-2019-10652
An issue exists in flatCore 1.4.7. acp/acp.php allows remote authenticated administrators to upload arbitrary .php files, related to the addons feature.
Flatcore Flatcore 1.4.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »