07fly 07flycms
10 CVEs affecting 07fly 07flycms. Latest disclosed: 2025-07-06. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2025-25379 | Critical | 9.6 | 2025-02-28 | Cross Site Request Forgery vulnerability in 07FLYCMS v.1.3.9 allows a remote attacker to execute arbitrary code via the id parameter of the del.html component. |
| CVE-2024-51156 | Medium | 4.7 | 2024-11-14 | 07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component 'erp.07fly.net:80/admin/SysNotifyUser/del.html?id=93'. |
| CVE-2024-51157 | Medium | 4.7 | 2024-11-08 | 07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component http://erp.07fly.net:80/oa/OaSchedule/add.html. |
| CVE-2024-9904 | Medium | 4.7 | 2024-10-13 | A vulnerability classified as critical was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.0. This vulnerability affects the function pictureUpload of the… |
| CVE-2024-9903 | Medium | 4.7 | 2024-10-12 | A vulnerability classified as critical has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.0. This affects the function fileUpload of the file /admin/… |
| CVE-2024-9855 | Medium | 4.7 | 2024-10-11 | A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadFil… |
| CVE-2025-7078 | Medium | 4.3 | 2025-07-06 | A vulnerability classified as problematic was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.3.9. This vulnerability affects unknown code. The manipulation… |
| CVE-2024-57611 | Low | 3.5 | 2025-01-16 | 07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/doAdminAction.php?act=editShop&shopId. |
| CVE-2024-57159 | Low | 3.5 | 2025-01-16 | 07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/add.html. |
| CVE-2024-9856 | Low | 2.4 | 2024-10-11 | A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been rated as problematic. Affected by this issue is some unknown functionality of… |