Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
admidio admidio vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-32630
Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.0.4, there is an authenticated RCE via .phar file upload. A php web shell can be uploaded via the Documents & Files upload feature. Someone with upload ...
Admidio Admidio
7.8
CVSSv3
CVE-2023-3302
Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio before 4.2.9.
Admidio Admidio
7.5
CVSSv3
CVE-2020-11004
SQL Injection exists in Admidio before version 3.3.13. The main cookie parameter is concatenated into a SQL query without any input validation/sanitization, thus an attacker without logging in, can send a GET request with arbitrary SQL queries appended to the cookie parameter and...
Admidio Admidio
7.2
CVSSv3
CVE-2023-3692
Unrestricted Upload of File with Dangerous Type in GitHub repository admidio/admidio before 4.2.10.
Admidio Admidio
7.2
CVSSv3
CVE-2017-6492
SQL Injection exists in adm_program/modules/dates/dates_function.php in Admidio 3.2.5. The POST parameter dat_cat_id is concatenated into a SQL query without any input validation/sanitization.
Admidio Admidio 3.2.5
7.1
CVSSv3
CVE-2022-0991
Insufficient Session Expiration in GitHub repository admidio/admidio before 4.1.9.
Admidio Admidio
6.5
CVSSv3
CVE-2023-4190
Insufficient Session Expiration in GitHub repository admidio/admidio before 4.2.11.
Admidio Admidio
6.1
CVSSv3
CVE-2023-47380
Admidio v4.2.12 and below is vulnerable to Cross Site Scripting (XSS).
Admidio Admidio 4.2.12
6.1
CVSSv3
CVE-2021-43810
Admidio is a free open source user management system for websites of organizations and groups. A cross-site scripting vulnerability is present in Admidio prior to version 4.0.12. The Reflected XSS vulnerability occurs because redirect.php does not properly validate the value of t...
Admidio Admidio
5.4
CVSSv3
CVE-2023-3304
Improper Access Control in GitHub repository admidio/admidio before 4.2.9.
Admidio Admidio
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »