07fly

Customer Relationship Management

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2025-7078

Exploit
  • EPSS 0.05%
  • Veröffentlicht 06.07.2025 08:32:05
  • Zuletzt bearbeitet 01.08.2025 22:28:49

A vulnerability classified as problematic was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.3.9. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has ...

4.3

CVE-2024-57160

Exploit
  • EPSS 0.05%
  • Veröffentlicht 16.01.2025 16:15:32
  • Zuletzt bearbeitet 24.02.2025 19:38:22

07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaTask/edit.html.

4.3

CVE-2024-57161

Exploit
  • EPSS 0.05%
  • Veröffentlicht 16.01.2025 16:15:32
  • Zuletzt bearbeitet 24.02.2025 19:38:43

07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/edit.html

7.2

CVE-2024-9904

Exploit
  • EPSS 0.29%
  • Veröffentlicht 13.10.2024 02:15:15
  • Zuletzt bearbeitet 30.07.2025 15:01:41

A vulnerability classified as critical was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.0. This vulnerability affects the function pictureUpload of the file /admin/File/pictureUpload. The manipulation of the argument file leads to unrestricted...

7.2

CVE-2024-9903

Exploit
  • EPSS 0.26%
  • Veröffentlicht 12.10.2024 23:15:11
  • Zuletzt bearbeitet 30.07.2025 15:16:43

A vulnerability classified as critical has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.0. This affects the function fileUpload of the file /admin/File/fileUpload. The manipulation of the argument file leads to unrestricted upload. It is ...

7.2

CVE-2024-9855

Exploit
  • EPSS 0.26%
  • Veröffentlicht 11.10.2024 13:15:21
  • Zuletzt bearbeitet 30.07.2025 15:44:51

A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadFile of the file /admin/SysModule/upload/ajaxmodel/upload/uploadfilepath/sysmodule_1 of the co...

4.8

CVE-2024-9856

Exploit
  • EPSS 0.1%
  • Veröffentlicht 11.10.2024 13:15:21
  • Zuletzt bearbeitet 30.07.2025 15:42:24

A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been rated as problematic. Affected by this issue is some unknown functionality of the component System Settings Page. The manipulation of the argument Login Interface Copyri...

9.8

CVE-2023-5020

Exploit
  • EPSS 0.05%
  • Veröffentlicht 17.09.2023 05:15:10
  • Zuletzt bearbeitet 21.11.2024 08:40:54

A vulnerability, which was classified as critical, has been found in 07FLY CRM V2. This issue affects some unknown processing of the file /index.php/sysmanage/Login/login_auth/ of the component Administrator Login Page. The manipulation of the argume...

5.4

CVE-2023-3058

Exploit
  • EPSS 0.07%
  • Veröffentlicht 02.06.2023 13:15:10
  • Zuletzt bearbeitet 21.11.2024 08:16:20

A vulnerability was found in 07FLY CRM up to 1.2.0. It has been declared as problematic. This vulnerability affects unknown code of the component User Profile Handler. The manipulation leads to cross site scripting. The attack can be initiated remote...