sms2056/cms

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-27694 ↗	Mar 4, 2024Monday, 4 March 2024, 16:15	7.4 HIGH	—
FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the /system/share/ztree_category_edit.
CVE-2024-27734 ↗	Mar 1, 2024Friday, 1 March 2024, 17:15	6.1 MEDIUM	—
A Cross Site Scripting vulnerability in CSZ CMS v.1.3.0 allows an attacker to execute arbitrary code via a crafted script to the Site Name fields of the Site Settings component.