ReportizFlow
Filtered by vendor Flatcore
Subscriptions
Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-7878 | 1 Flatcore | 1 Flatcore-cms | 2024-11-21 | N/A |
| SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read and write to the users database. | ||||
| CVE-2017-7877 | 1 Flatcore | 1 Flatcore-cms | 2024-11-21 | N/A |
| CSRF vulnerability in flatCore version 1.4.6 allows remote attackers to modify CMS configurations. | ||||
| CVE-2017-1000428 | 1 Flatcore | 1 Flatcore-cms | 2024-11-21 | N/A |
| flatCore-CMS 1.4.6 is vulnerable to reflected XSS in user_management.php due to the use of $_SERVER['PHP_SELF'] to build links and a stored XSS in the admin log panel by specifying a malformed User-Agent string. | ||||