Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bedita vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-15570
BEdita up to and including 4.0.0-RC2 allows SQL injection during a save operation for a relation with parameters.
Bedita Bedita 4.0.0
Bedita Bedita
4.3
CVSSv2
CVE-2015-6809
Multiple cross-site scripting (XSS) vulnerabilities in BEdita prior to 3.6.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) cfg[projectName] parameter to index.php/admin/saveConfig, the (2) data[stats_provider_url] parameter to index.php/areas/sav...
Bedita Bedita
1 EDB exploit
3.5
CVSSv2
CVE-2015-9260
An issue exists in BEdita prior to 3.7.0. A cross-site scripting (XSS) attack occurs via a crafted pages/showObjects URI, as demonstrated by appending a payload to a pages/showObjects/2/0/0/leafs URI.
Bedita Bedita
3.5
CVSSv2
CVE-2015-1040
Multiple cross-site scripting (XSS) vulnerabilities in the administrative backend in BEdita 3.4.0 allow remote authenticated users to inject arbitrary web script or HTML via the (1) lrealname field in the editProfile form to index.php/home/profile; the (2) data[title] or (3) data...
Bedita Bedita 3.4.0
6.8
CVSSv2
CVE-2010-5315
Multiple cross-site request forgery (CSRF) vulnerabilities in BEdita prior to 3.1 allow remote malicious users to hijack the authentication of administrators for requests that (1) create categories via a data array to news/saveCategories or (2) modify credentials via a data array...
Chialab \\& Channelweb Bedita
1 EDB exploit
4.3
CVSSv2
CVE-2010-5314
Cross-site scripting (XSS) vulnerability in controllers/home_controller.php in BEdita prior to 3.1 allows remote malicious users to inject arbitrary web script or HTML via the searchstring parameter to news/index.
Chialab \\& Channelweb Bedita
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started