📦 Flusity

This critical vulnerability in flusity-CMS v2.33 allows remote attackers to execute arbitrary code on affected systems by sending specially crafted scripts to the edit_addon_post.php component. Attack...

This vulnerability in flusity CMS v2.33 allows remote attackers to execute arbitrary code through the add_addon.php component, leading to complete system compromise. It affects all systems running the...

CVE-2024-25502 is a critical directory traversal vulnerability in flusity CMS v2.4 that allows remote attackers to execute arbitrary code and access sensitive files via the download_backup.php compone...

Flusity-CMS v2.33 contains a Cross-Site Request Forgery vulnerability in the contact form settings update component. This allows attackers to trick authenticated administrators into making unauthorize...

Flusity-CMS v2.33 contains a CSRF vulnerability in the /core/tools/add_places.php component that allows attackers to trick authenticated administrators into performing unauthorized actions. This affec...

Flusity-CMS v2.33 contains a CSRF vulnerability in the translation management component that allows attackers to trick authenticated administrators into performing unauthorized actions. This affects a...

Flusity-CMS v2.33 contains a CSRF vulnerability in the update_menu.php component that allows attackers to trick authenticated administrators into performing unauthorized menu updates. This affects all...

A Cross-Site Request Forgery (CSRF) vulnerability in flusity-CMS v2.33 allows remote attackers to execute arbitrary code via the add_customblock.php endpoint. This affects all users running the vulner...

This CSRF vulnerability in flusity-CMS v2.33 allows attackers to trick authenticated administrators into executing arbitrary code by visiting malicious web pages. Attackers can compromise the entire C...