Search Results | AttackerKB

Show filters

Topics 17 Users 9,712

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

17 Total Results

Displaying 1-10 of 17

Attacker Value

Unknown

CVE-2024-22939

Disclosure Date: February 29, 2024 (last updated January 17, 2025)

Cross Site Request Forgery vulnerability in FlyCms v.1.0 allows a remote attacker to execute arbitrary code via the system/article/category_edit component.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2024-22819

Disclosure Date: January 18, 2024 (last updated January 24, 2024)

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_templets_update.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2024-22818

Disclosure Date: January 18, 2024 (last updated January 24, 2024)

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerbility via /system/site/filterKeyword_save

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2024-22817

Disclosure Date: January 18, 2024 (last updated January 24, 2024)

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_conf_updagte

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2024-22603

Disclosure Date: January 18, 2024 (last updated January 24, 2024)

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/links/add_link

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2024-22601

Disclosure Date: January 18, 2024 (last updated January 24, 2024)

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/scorerule_save

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2024-22699

Disclosure Date: January 18, 2024 (last updated January 24, 2024)

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/update_group_save.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2024-22593

Disclosure Date: January 18, 2024 (last updated January 21, 2024)

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/add_group_save

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2024-22592

Disclosure Date: January 18, 2024 (last updated January 21, 2024)

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_update

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2024-22591

Disclosure Date: January 18, 2024 (last updated January 21, 2024)

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_save.

Attack Vector: Network Privileges: None User Interaction: Required

0