07fly: >> 07flycms Security Vulnerabilities
Cross Site Request Forgery vulnerability in 07FLYCMS v.1.3.9 allows a remote attacker to execute arbitrary code via the id parameter of the del.html component.
CVSS Score
9.6
EPSS Score
0.001
Published
2025-02-28
07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/doAdminAction.php?act=editShop&shopId.
CVSS Score
3.5
EPSS Score
0.0
Published
2025-01-16
07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/add.html.
CVSS Score
3.5
EPSS Score
0.0
Published
2025-01-16
07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component 'erp.07fly.net:80/admin/SysNotifyUser/del.html?id=93'.
CVSS Score
4.7
EPSS Score
0.0
Published
2024-11-14
07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component http://erp.07fly.net:80/oa/OaSchedule/add.html.
CVSS Score
4.7
EPSS Score
0.0
Published
2024-11-08