Shodan
Vulnerabilities
Vulnerable Software
Flatpress:  >> Flatpress  >> 1.2.1  Security Vulnerabilities
CVE-2023-1107
Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-03-02
CVE-2023-1106
Cross-site Scripting (XSS) - Reflected in GitHub repository flatpressblog/flatpress prior to 1.3.
CVSS Score
5.3
EPSS Score
0.002
Published
2023-03-02
CVE-2023-1104
Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-03-01
CVE-2023-1105
External Control of File Name or Path in GitHub repository flatpressblog/flatpress prior to 1.3.
CVSS Score
7.5
EPSS Score
0.0
Published
2023-03-01
CVE-2023-0947
Path Traversal in GitHub repository flatpressblog/flatpress prior to 1.3.
CVSS Score
8.1
EPSS Score
0.759
Published
2023-02-22
CVE-2022-4605
Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3.
CVSS Score
6.0
EPSS Score
0.001
Published
2022-12-18
CVE-2022-4606
PHP Remote File Inclusion in GitHub repository flatpressblog/flatpress prior to 1.3.
CVSS Score
8.8
EPSS Score
0.188
Published
2022-12-18
CVE-2022-40047
Flatpress v1.2.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the page parameter at /flatpress/admin.php.
CVSS Score
5.4
EPSS Score
0.384
Published
2022-10-11
CVE-2022-40048
Flatpress v1.2.1 was discovered to contain a remote code execution (RCE) vulnerability in the Upload File function.
CVSS Score
7.2
EPSS Score
0.018
Published
2022-09-29
CVE-2021-41432
A stored cross-site scripting (XSS) vulnerability exists in FlatPress 1.2.1 that allows for arbitrary execution of JavaScript commands through blog content.
CVSS Score
5.4
EPSS Score
0.057
Published
2022-06-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved