Flusity: >> Flusity Security Vulnerabilities
An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the add_post.php component.
CVSS Score
4.3
EPSS Score
0.009
Published
2024-05-01
An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted script to the edit_addon_post.php component.
CVSS Score
9.8
EPSS Score
0.291
Published
2024-04-22
An issue in flusity CMS v2.33 allows a remote attacker to execute arbitrary code via the add_addon.php component.
CVSS Score
9.8
EPSS Score
0.029
Published
2024-04-22
flusity CMS through 2.45 allows tools/addons_model.php Gallery Name XSS. The reporter indicates that this product "ceased its development as of February 2024."
CVSS Score
6.1
EPSS Score
0.001
Published
2024-03-18
Flusity-CMS v2.33 is affected by: Cross Site Scripting (XSS) in 'Custom Blocks.'
CVSS Score
6.1
EPSS Score
0.002
Published
2024-03-04
Flusity-CMS v2.33 is vulnerable to Cross Site Scripting (XSS) in the "Contact form."
CVSS Score
6.1
EPSS Score
0.001
Published
2024-03-04
flusity-CMS 2.33 is vulnerable to Unrestricted Upload of File with Dangerous Type in update_setting.php.
CVSS Score
6.5
EPSS Score
0.004
Published
2024-02-26
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_translation.php
CVSS Score
4.3
EPSS Score
0.0
Published
2024-02-22
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/update_contact_form_settings.php
CVSS Score
8.8
EPSS Score
0.001
Published
2024-02-22
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/update_place.php
CVSS Score
6.1
EPSS Score
0.0
Published
2024-02-22
Page 1