CVE-2025-62797
- EPSS 0.04%
- Veröffentlicht 29.10.2025 17:49:07
- Zuletzt bearbeitet 30.10.2025 15:03:13
FluxCP is a web-based Control Panel for rAthena servers written in PHP. A critical Cross-Site Request Forgery (CSRF) vulnerability exists in the FluxCP-based website template used by multiple rAthena/Ragnarok servers. State-changing POST endpoints ac...
CVE-2024-45799
- EPSS 0.12%
- Veröffentlicht 16.09.2024 19:16:10
- Zuletzt bearbeitet 23.04.2025 17:30:17
FluxCP is a web-based Control Panel for rAthena servers written in PHP. A javascript injection is possible via venders/buyers list pages and shop names, that are currently not sanitized. This allows executing arbitrary javascript code on the user's b...
CVE-2022-4421
- EPSS 0.21%
- Veröffentlicht 12.12.2022 14:15:10
- Zuletzt bearbeitet 21.11.2024 07:35:14
A vulnerability was found in rAthena FluxCP. It has been classified as problematic. Affected is an unknown function of the file themes/default/servicedesk/view.php of the component Service Desk Image URL Handler. The manipulation of the argument ssli...