Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-27668 | 1 Flusity | 1 Flusity | 2025-03-28 | N/A | 6.1 MEDIUM |
| Flusity-CMS v2.33 is affected by: Cross Site Scripting (XSS) in 'Custom Blocks.' | |||||
| CVE-2024-26350 | 1 Flusity | 1 Flusity | 2025-03-28 | N/A | 8.8 HIGH |
| flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/update_contact_form_settings.php | |||||
| CVE-2024-31666 | 1 Flusity | 1 Flusity | 2025-03-28 | N/A | 9.8 CRITICAL |
| An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted script to the edit_addon_post.php component. | |||||
| CVE-2024-27680 | 1 Flusity | 1 Flusity | 2025-03-26 | N/A | 6.1 MEDIUM |
| Flusity-CMS v2.33 is vulnerable to Cross Site Scripting (XSS) in the "Contact form." | |||||
| CVE-2024-33442 | 1 Flusity | 1 Flusity | 2025-03-25 | N/A | 4.3 MEDIUM |
| An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the add_post.php component. | |||||
| CVE-2024-26490 | 1 Flusity | 1 Flusity | 2025-03-25 | N/A | 5.4 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the Addon JD Simple module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field. | |||||
| CVE-2024-26491 | 1 Flusity | 1 Flusity | 2025-03-25 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the Addon JD Flusity 'Media Gallery with description' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Gallery name text field. | |||||
| CVE-2024-23094 | 1 Flusity | 1 Flusity | 2025-03-25 | N/A | 8.8 HIGH |
| Flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /cover/addons/info_media_gallery/action/edit_addon_post.php | |||||
| CVE-2024-26349 | 1 Flusity | 1 Flusity | 2025-03-25 | N/A | 4.3 MEDIUM |
| flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_translation.php | |||||
| CVE-2024-26351 | 1 Flusity | 1 Flusity | 2025-03-25 | N/A | 6.1 MEDIUM |
| flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/update_place.php | |||||
| CVE-2024-26352 | 1 Flusity | 1 Flusity | 2025-03-25 | N/A | 8.8 HIGH |
| flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/add_places.php | |||||
| CVE-2024-26445 | 1 Flusity | 1 Flusity | 2025-03-25 | N/A | 6.1 MEDIUM |
| flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_place.php | |||||
| CVE-2024-25410 | 1 Flusity | 1 Flusity | 2025-03-25 | N/A | 6.5 MEDIUM |
| flusity-CMS 2.33 is vulnerable to Unrestricted Upload of File with Dangerous Type in update_setting.php. | |||||
| CVE-2024-26489 | 1 Flusity | 1 Flusity | 2025-03-13 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the Addon JD Flusity 'Social block links' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Profile Name text field. | |||||
| CVE-2024-25419 | 1 Flusity | 1 Flusity | 2024-11-21 | N/A | 8.8 HIGH |
| flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/update_menu.php. | |||||
| CVE-2024-25418 | 1 Flusity | 1 Flusity | 2024-11-21 | N/A | 8.8 HIGH |
| flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_menu.php. | |||||
| CVE-2024-25417 | 1 Flusity | 1 Flusity | 2024-11-21 | N/A | 8.8 HIGH |
| flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/add_translation.php. | |||||
| CVE-2024-24524 | 1 Flusity | 1 Flusity | 2024-11-21 | N/A | 8.8 HIGH |
| Cross Site Request Forgery (CSRF) vulnerability in flusity-CMS v.2.33, allows remote attackers to execute arbitrary code via the add_menu.php component. | |||||
| CVE-2024-24470 | 1 Flusity | 1 Flusity | 2024-11-21 | N/A | 8.8 HIGH |
| Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the update_post.php component. | |||||
| CVE-2024-24469 | 1 Flusity | 1 Flusity | 2024-11-21 | N/A | 8.8 HIGH |
| Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the delete_post .php. | |||||