📦 07flycms

A Cross-Site Request Forgery (CSRF) vulnerability in 07FLYCMS v1.3.9 allows remote attackers to trick authenticated users into executing unauthorized delete operations via the id parameter in the del....

This CVE describes a Cross-Site Request Forgery (CSRF) vulnerability in 07FLYCMS, 07FLY-CMS, and 07FlyCRM products up to version 1.3.9. Attackers can trick authenticated users into performing unintend...

This CSRF vulnerability in 07FLYCMS V1.3.9 allows attackers to trick authenticated administrators into performing unintended actions by visiting malicious web pages. Attackers could delete system noti...

This CSRF vulnerability in 07FLYCMS V1.3.9 allows attackers to trick authenticated users into performing unauthorized actions by visiting malicious web pages. It affects all users of the vulnerable ve...

This critical vulnerability in 07FLYCMS/07FlyCRM allows attackers to upload arbitrary files without restrictions via the pictureUpload function. Remote attackers can exploit this to upload malicious f...