CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-25417
https://notcve.org/view.php?id=CVE-2024-25417
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/add_translation.php. Se descubrió que flusity-CMS v2.33 contenía Cross-Site Request Forgery (CSRF) a través del componente /core/tools/add_translation.php. • https://github.com/Carl0724/cms/blob/main/3.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-25419
https://notcve.org/view.php?id=CVE-2024-25419
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/update_menu.php. Se descubrió que flusity-CMS v2.33 contenía Cross-Site Request Forgery (CSRF) a través del componente /core/tools/update_menu.php. • https://github.com/Carl0724/cms/blob/main/1.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-25418
https://notcve.org/view.php?id=CVE-2024-25418
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_menu.php. Se descubrió que flusity-CMS v2.33 contenía Cross-Site Request Forgery (CSRF) a través del componente /core/tools/delete_menu.php. • https://github.com/Carl0724/cms/blob/main/2.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-24469
https://notcve.org/view.php?id=CVE-2024-24469
Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the delete_post .php. Vulnerabilidad de Cross Site Request Forgery en flusity-CMS v.2.33 permite a un atacante remoto ejecutar código arbitrario a través de delete_post .php. • https://github.com/tang-0717/cms/blob/main/2.md • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-24468
https://notcve.org/view.php?id=CVE-2024-24468
Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the add_customblock.php. Vulnerabilidad de Cross Site Request Forgery en flusity-CMS v.2.33 permite a un atacante remoto ejecutar código arbitrario a través de add_customblock.php. • https://github.com/tang-0717/cms/blob/main/3.md • CWE-352: Cross-Site Request Forgery (CSRF) •