Filtered by vendor Flatcore
Subscribe
Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-8868 | 1 Flatcore | 1 Flatcore-cms | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| acp/core/files.browser.php in flatCore 1.4.7 allows file deletion via directory traversal in the delete parameter to acp/acp.php. The risk might be limited to requests submitted through CSRF. | |||||
| CVE-2017-7878 | 1 Flatcore | 1 Flatcore-cms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read and write to the users database. | |||||
| CVE-2017-7879 | 1 Flatcore | 1 Flatcore-cms | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read the content database. | |||||