ReportizFlow
Filtered by vendor Flusity
Subscriptions
Filtered by product Flusity
Subscriptions
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-27668 | 1 Flusity | 1 Flusity | 2025-03-28 | 6.1 Medium |
| Flusity-CMS v2.33 is affected by: Cross Site Scripting (XSS) in 'Custom Blocks.' | ||||
| CVE-2024-26350 | 1 Flusity | 1 Flusity | 2025-03-28 | 8.8 High |
| flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/update_contact_form_settings.php | ||||
| CVE-2024-31666 | 1 Flusity | 1 Flusity | 2025-03-28 | 9.8 Critical |
| An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted script to the edit_addon_post.php component. | ||||
| CVE-2024-27680 | 1 Flusity | 1 Flusity | 2025-03-26 | 6.1 Medium |
| Flusity-CMS v2.33 is vulnerable to Cross Site Scripting (XSS) in the "Contact form." | ||||
| CVE-2024-33442 | 1 Flusity | 1 Flusity | 2025-03-25 | 4.3 Medium |
| An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the add_post.php component. | ||||
| CVE-2024-26490 | 1 Flusity | 1 Flusity | 2025-03-25 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in the Addon JD Simple module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field. | ||||
| CVE-2024-26491 | 1 Flusity | 1 Flusity | 2025-03-25 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in the Addon JD Flusity 'Media Gallery with description' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Gallery name text field. | ||||
| CVE-2024-23094 | 1 Flusity | 1 Flusity | 2025-03-25 | 8.8 High |
| Flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /cover/addons/info_media_gallery/action/edit_addon_post.php | ||||
| CVE-2024-26349 | 1 Flusity | 1 Flusity | 2025-03-25 | 4.3 Medium |
| flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_translation.php | ||||
| CVE-2024-26351 | 1 Flusity | 1 Flusity | 2025-03-25 | 6.1 Medium |
| flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/update_place.php | ||||
| CVE-2024-26352 | 1 Flusity | 1 Flusity | 2025-03-25 | 8.8 High |
| flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/add_places.php | ||||
| CVE-2024-26445 | 1 Flusity | 1 Flusity | 2025-03-25 | 6.1 Medium |
| flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_place.php | ||||
| CVE-2024-25410 | 1 Flusity | 1 Flusity | 2025-03-25 | 6.5 Medium |
| flusity-CMS 2.33 is vulnerable to Unrestricted Upload of File with Dangerous Type in update_setting.php. | ||||
| CVE-2024-26489 | 1 Flusity | 1 Flusity | 2025-03-13 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in the Addon JD Flusity 'Social block links' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Profile Name text field. | ||||
| CVE-2024-32418 | 1 Flusity | 1 Flusity | 2024-11-21 | 9.8 Critical |
| An issue in flusity CMS v2.33 allows a remote attacker to execute arbitrary code via the add_addon.php component. | ||||
| CVE-2024-25419 | 1 Flusity | 1 Flusity | 2024-11-21 | 8.8 High |
| flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/update_menu.php. | ||||
| CVE-2024-25418 | 1 Flusity | 1 Flusity | 2024-11-21 | 8.8 High |
| flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_menu.php. | ||||
| CVE-2024-25417 | 1 Flusity | 1 Flusity | 2024-11-21 | 8.8 High |
| flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/add_translation.php. | ||||
| CVE-2024-24524 | 1 Flusity | 1 Flusity | 2024-11-21 | 8.8 High |
| Cross Site Request Forgery (CSRF) vulnerability in flusity-CMS v.2.33, allows remote attackers to execute arbitrary code via the add_menu.php component. | ||||
| CVE-2024-24470 | 1 Flusity | 1 Flusity | 2024-11-21 | 8.8 High |
| Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the update_post.php component. | ||||