Vulnerabilities (CVE)

Filtered by vendor Flatcore Subscribe

Filtered by product Flatcore

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-17452	1 Flatcore	1 Flatcore	2020-08-10	9.0 HIGH	7.2 HIGH
flatCore before 1.5.7 allows upload and execution of a .php file by an admin.
CVE-2019-13961	1 Flatcore	1 Flatcore	2019-07-19	6.8 MEDIUM	8.8 HIGH
A CSRF vulnerability was found in flatCore before 1.5, leading to the upload of arbitrary .php files via acp/core/files.upload-script.php.
CVE-2019-10652	1 Flatcore	1 Flatcore	2019-04-01	6.5 MEDIUM	7.2 HIGH
An issue was discovered in flatCore 1.4.7. acp/acp.php allows remote authenticated administrators to upload arbitrary .php files, related to the addons feature.