← Back

Flexpaper

flexpaper

Vendor: Flowpaper • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-11686
1Flowpaper
1Flexpaper
Nov 21, 2024
Jul 3, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
The Publish Service in FlexPaper (later renamed FlowPaper) 2.3.6 allows remote code execution via setup.php and change_config.php.
CVE-2014-9678
1Flowpaper
1Flexpaper
May 13, 2026
Oct 17, 2017
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
FlexPaperViewer.swf in Flexpaper before 2.3.1 allows remote attackers to conduct content-spoofing attacks via the Swfile parameter.
CVE-2014-9677
1Flowpaper
1Flexpaper
May 13, 2026
Oct 17, 2017
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in FlexPaperViewer.swf in Flexpaper before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via the Swfile parameter.