Flexdotnetcms Project Flexdotnetcms — known CVE vulnerabilities
Every CVE whose affected-product data names Flexdotnetcms Project Flexdotnetcms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-27386 — CVSS 8.8 (high): An unrestricted file upload issue in FlexDotnetCMS before v1.5.9 allows an authenticated remote attacker to upload and execute arbitrary…
CVE-2020-27385 — CVSS 8.1 (high): Incorrect Access Control in the FileEditor (/Admin/Views/FileEditor/) in FlexDotnetCMS before v1.5.11 allows an authenticated remote…