flusity 漏洞與 CVE 列表(28)

產品(CPE): — CVE 數: 28

flusity 漏洞概覽

彙總 flusity 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

歷史漏洞主要涉及 CSRF與跨站腳本 等問題,部分漏洞可能導致 工作階段劫持,並影響 生產負載與軟體部署 相關場景。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 12028 CVE 數
«« 第一頁 « 上一頁 第 1 / 2 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2024-33442 An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the add_post.php component. [email protected] 4.3 0.63% 2024-05-01 2026-06-17
CVE-2024-31666 An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted script to the edit_addon_post.php component. [email protected] 9.8 1.71% 2024-04-22 2026-06-17
CVE-2024-32418 An issue in flusity CMS v2.33 allows a remote attacker to execute arbitrary code via the add_addon.php component. [email protected] 9.8 1.05% 2024-04-21 2026-06-17
CVE-2024-27757 flusity CMS through 2.45 allows tools/addons_model.php Gallery Name XSS. The reporter indicates that this product "ceased its development as of February 2024." [email protected] 6.1 0.42% 2024-03-18 2026-06-17
CVE-2024-27680 Flusity-CMS v2.33 is vulnerable to Cross Site Scripting (XSS) in the "Contact form." [email protected] 6.1 0.40% 2024-03-04 2026-06-17
CVE-2024-27668 Flusity-CMS v2.33 is affected by: Cross Site Scripting (XSS) in 'Custom Blocks.' [email protected] 6.1 0.41% 2024-03-04 2026-06-17
CVE-2024-25410 flusity-CMS 2.33 is vulnerable to Unrestricted Upload of File with Dangerous Type in update_setting.php. [email protected] 6.5 0.58% 2024-02-26 2026-06-17
CVE-2024-26445 flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_place.php [email protected] 6.1 0.22% 2024-02-22 2026-06-17
CVE-2024-26352 flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/add_places.php [email protected] 8.8 0.34% 2024-02-22 2026-06-17
CVE-2024-26351 flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/update_place.php [email protected] 6.1 0.20% 2024-02-22 2026-06-17
CVE-2024-26350 flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/update_contact_form_settings.php [email protected] 8.8 0.33% 2024-02-22 2026-06-17
CVE-2024-26349 flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_translation.php [email protected] 4.3 0.30% 2024-02-22 2026-06-17
CVE-2024-23094 Flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /cover/addons/info_media_gallery/action/edit_addon_post.php [email protected] 8.8 0.30% 2024-02-22 2026-06-17
CVE-2024-26491 A cross-site scripting (XSS) vulnerability in the Addon JD Flusity 'Media Gallery with description' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Gallery name text field. [email protected] 6.1 0.44% 2024-02-22 2026-06-17
CVE-2024-26490 A cross-site scripting (XSS) vulnerability in the Addon JD Simple module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field. [email protected] 5.4 0.41% 2024-02-22 2026-06-17
CVE-2024-26489 A cross-site scripting (XSS) vulnerability in the Addon JD Flusity 'Social block links' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Profile Name text field. [email protected] 6.1 0.41% 2024-02-22 2026-06-17
CVE-2024-25502 Directory Traversal vulnerability in flusity CMS v.2.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via the download_backup.php component. [email protected] 9.8 1.42% 2024-02-15 2026-06-17
CVE-2024-25419 flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/update_menu.php. [email protected] 8.8 0.35% 2024-02-11 2026-06-17
CVE-2024-25418 flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_menu.php. [email protected] 8.8 0.35% 2024-02-11 2026-06-17
CVE-2024-25417 flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/add_translation.php. [email protected] 8.8 0.32% 2024-02-11 2026-06-17
«« 第一頁 « 上一頁 第 1 / 2 頁 下一頁 »
cvelogic Threat Intelligence