Search Results | AttackerKB

Attacker Value

Disclosure Date: January 08, 2024 (last updated January 12, 2024)

FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/config_footer_updagte.

Attacker Value

Disclosure Date: January 08, 2024 (last updated January 12, 2024)

FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/userconfig_updagte.

Attacker Value

Disclosure Date: January 01, 2024 (last updated January 09, 2024)

FlyCms through abbaa5a allows XSS via the permission management feature.

Attacker Value

Disclosure Date: May 08, 2023 (last updated October 08, 2023)

Cross Site Request Forgery (CSRF) vulnerability in FlyCms 1.0 allows attackers to add arbitrary administrator accounts via system/admin/admin_save.

Attacker Value

Disclosure Date: April 01, 2021 (last updated February 22, 2025)

Server Side Request Forgery (SSRF) vulnerability in saveUrlAs function in ImagesService.java in sunkaifei FlyCMS version 20190503.

Quick Cookie Notification