Tourfic

CVEs (5)

CVE	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2024-29135	Cri	0.64	9.9	0.01	Mar 19, 2024	Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through <= 2.11.15.
CVE-2025-24650	Cri	0.59	9.1	0.00	Jan 24, 2025	Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic tourfic allows Upload a Web Shell to a Web Server.This issue affects Tourfic: from n/a through <= 2.15.3.
CVE-2024-29136	Hig	0.55	8.5	0.00	Mar 19, 2024	Deserialization of Untrusted Data vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through <= 2.11.17.
CVE-2024-29137	Hig	0.48	7.1	0.17	Mar 19, 2024	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through <= 2.11.7.
CVE-2024-29134	Med	0.42	6.5	0.00	Mar 19, 2024	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through <= 2.11.8.

CVE-2024-29135CriMar 19, 2024
risk 0.64cvss 9.9epss 0.01
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through <= 2.11.15.
CVE-2025-24650CriJan 24, 2025
risk 0.59cvss 9.1epss 0.00
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic tourfic allows Upload a Web Shell to a Web Server.This issue affects Tourfic: from n/a through <= 2.15.3.
CVE-2024-29136HigMar 19, 2024
risk 0.55cvss 8.5epss 0.00
Deserialization of Untrusted Data vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through <= 2.11.17.
CVE-2024-29137HigMar 19, 2024
risk 0.48cvss 7.1epss 0.17
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through <= 2.11.7.
CVE-2024-29134MedMar 19, 2024
risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through <= 2.11.8.