07fly

Customer Relationship Management

9 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2025-7078

Exploit
  • EPSS 0.05%
  • Published 06.07.2025 08:32:05
  • Last modified 01.08.2025 22:28:49

A vulnerability classified as problematic was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.3.9. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has ...

4.3

CVE-2024-57160

Exploit
  • EPSS 0.05%
  • Published 16.01.2025 16:15:32
  • Last modified 24.02.2025 19:38:22

07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaTask/edit.html.

4.3

CVE-2024-57161

Exploit
  • EPSS 0.05%
  • Published 16.01.2025 16:15:32
  • Last modified 24.02.2025 19:38:43

07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/edit.html

7.2

CVE-2024-9904

Exploit
  • EPSS 0.29%
  • Published 13.10.2024 02:15:15
  • Last modified 30.07.2025 15:01:41

A vulnerability classified as critical was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.0. This vulnerability affects the function pictureUpload of the file /admin/File/pictureUpload. The manipulation of the argument file leads to unrestricted...

7.2

CVE-2024-9903

Exploit
  • EPSS 0.26%
  • Published 12.10.2024 23:15:11
  • Last modified 30.07.2025 15:16:43

A vulnerability classified as critical has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.0. This affects the function fileUpload of the file /admin/File/fileUpload. The manipulation of the argument file leads to unrestricted upload. It is ...

7.2

CVE-2024-9855

Exploit
  • EPSS 0.26%
  • Published 11.10.2024 13:15:21
  • Last modified 30.07.2025 15:44:51

A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadFile of the file /admin/SysModule/upload/ajaxmodel/upload/uploadfilepath/sysmodule_1 of the co...

4.8

CVE-2024-9856

Exploit
  • EPSS 0.1%
  • Published 11.10.2024 13:15:21
  • Last modified 30.07.2025 15:42:24

A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been rated as problematic. Affected by this issue is some unknown functionality of the component System Settings Page. The manipulation of the argument Login Interface Copyri...

9.8

CVE-2023-5020

Exploit
  • EPSS 0.05%
  • Published 17.09.2023 05:15:10
  • Last modified 21.11.2024 08:40:54

A vulnerability, which was classified as critical, has been found in 07FLY CRM V2. This issue affects some unknown processing of the file /index.php/sysmanage/Login/login_auth/ of the component Administrator Login Page. The manipulation of the argume...

5.4

CVE-2023-3058

Exploit
  • EPSS 0.07%
  • Published 02.06.2023 13:15:10
  • Last modified 21.11.2024 08:16:20

A vulnerability was found in 07FLY CRM up to 1.2.0. It has been declared as problematic. This vulnerability affects unknown code of the component User Profile Handler. The manipulation leads to cross site scripting. The attack can be initiated remote...