Filtered by vendor Flatcore
Subscriptions
Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-13961 | 1 Flatcore | 1 Flatcore | 2024-11-21 | N/A |
| A CSRF vulnerability was found in flatCore before 1.5, leading to the upload of arbitrary .php files via acp/core/files.upload-script.php. | ||||
| CVE-2019-10652 | 1 Flatcore | 1 Flatcore | 2024-11-21 | N/A |
| An issue was discovered in flatCore 1.4.7. acp/acp.php allows remote authenticated administrators to upload arbitrary .php files, related to the addons feature. | ||||
| CVE-2017-1000428 | 1 Flatcore | 1 Flatcore-cms | 2024-11-21 | N/A |
| flatCore-CMS 1.4.6 is vulnerable to reflected XSS in user_management.php due to the use of $_SERVER['PHP_SELF'] to build links and a stored XSS in the admin log panel by specifying a malformed User-Agent string. | ||||