Flatpress 漏洞列表
共找到 9 个与 Flatpress 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2021-41432: FlatPress 1.2.1 - Stored Cross-Site Scripting POC
FlatPress 1.2.1 contains a stored cross-site scripting vulnerability that allows for arbitrary execution of JavaScript commands through blog content. An attacker can possibly steal cookie-based authentication credentials and launch other attacks. -
CVE-2022-40047: Flatpress < v1.2.1 - Cross Site Scripting POC
Flatpress v1.2.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the page parameter at /flatpress/admin.php. -
CVE-2023-0947: Flatpress < 1.3 - Path Traversal POC
Path Traversal in GitHub repository flatpressblog/flatpress prior to 1.3. -
CVE-2021-41432: FlatPress 1.2.1 - Stored Cross-Site Scripting POC
FlatPress 1.2.1 contains a stored cross-site scripting vulnerability that allows for arbitrary execution of JavaScript commands through blog content. An attacker can possibly steal cookie-based authentication credentials and launch other attacks. -
CVE-2022-40047: Flatpress < v1.2.1 - Cross Site Scripting POC
Flatpress v1.2.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the page parameter at /flatpress/admin.php. -
CVE-2023-0947: Flatpress < 1.3 - Path Traversal POC
Path Traversal in GitHub repository flatpressblog/flatpress prior to 1.3. -
flatpress-xss: FlatPress 1.2.1 - Stored Cross-Site Scripting POC
FlatPress 1.2.1 contains a stored cross-site scripting vulnerability that allows for arbitrary execution of JavaScript commands through blog content. An attacker can steal cookie-based authentication credentials and launch other attacks. Note: this is similar to CVE-2021-41432, however this attack uses the "page" parameter. -
FlatPress CVE-2021-41432 存储型跨站脚本漏洞 无POC
FlatPress存在存储型跨站脚本漏洞。此漏洞是由于对用户输入的content参数的验证不当导致的。 -
FlatPress 路径遍历漏洞(CVE-2023-0947) 无POC
FlatPress是FlatPress社区的一个基于Php无需数据库支持的博客建站系统。 FlatPress1.3之前版本存在路径遍历漏洞,攻击者利用该漏洞可以进行路径遍历。