CVE Tools

flusity

Web & CMS Pluginsunknown

22

Cumulative CVEs

2

Monthly snapshots

#45

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting flusity.

CVE-2024-33442An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the add_post.php component.4.3May 1, 2024
CVE-2024-32418An issue in flusity CMS v2.33 allows a remote attacker to execute arbitrary code via the add_addon.php component.9.8Apr 22, 2024
CVE-2024-31666An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted script to the edit_addon_post.php component.9.8Apr 22, 2024
CVE-2024-27757flusity CMS through 2.45 allows tools/addons_model.php Gallery Name XSS. The reporter indicates that this product "ceased its development as of February 2024."6.1Mar 18, 2024
CVE-2024-27680Flusity-CMS v2.33 is vulnerable to Cross Site Scripting (XSS) in the "Contact form."6.1Mar 4, 2024
CVE-2024-27668Flusity-CMS v2.33 is affected by: Cross Site Scripting (XSS) in 'Custom Blocks.'6.1Mar 4, 2024
CVE-2024-25410flusity-CMS 2.33 is vulnerable to Unrestricted Upload of File with Dangerous Type in update_setting.php.6.5Feb 26, 2024
CVE-2024-26491A cross-site scripting (XSS) vulnerability in the Addon JD Flusity 'Media Gallery with description' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a craft...6.1Feb 22, 2024
CVE-2024-26490A cross-site scripting (XSS) vulnerability in the Addon JD Simple module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title...5.4Feb 22, 2024
CVE-2024-26489A cross-site scripting (XSS) vulnerability in the Addon JD Flusity 'Social block links' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload i...6.1Feb 22, 2024
CVE-2024-26445flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_place.php6.1Feb 22, 2024
CVE-2024-26352flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/add_places.php8.8Feb 22, 2024
CVE-2024-26351flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/update_place.php6.1Feb 22, 2024
CVE-2024-26350flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/update_contact_form_settings.php8.8Feb 22, 2024
CVE-2024-26349flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_translation.php4.3Feb 22, 2024