Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
froxlor froxlor vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2023-5564
Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor before 2.1.0-dev1.
Froxlor Froxlor
6.1
CVSSv3
CVE-2020-10236
An issue exists in Froxlor prior to 0.10.14. It created files with static names in /tmp during installation if the installation directory was not writable. This allowed local malicious users to cause DoS or disclose information out of the config files, because of _createUserdataC...
Froxlor Froxlor
5.5
CVSSv3
CVE-2020-10237
An issue exists in Froxlor up to and including 0.10.15. The installer wrote configuration parameters including passwords into files in /tmp, setting proper permissions only after writing the sensitive data. A local attacker could have disclosed the information if he read the file...
Froxlor Froxlor
9.8
CVSSv3
CVE-2021-42325
Froxlor up to and including 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name.
Froxlor Froxlor
1 Github repository
8.8
CVSSv3
CVE-2023-0315
Command Injection in GitHub repository froxlor/froxlor before 2.0.8.
Froxlor Froxlor
1 Github repository
5.5
CVSSv3
CVE-2023-0316
Path Traversal: '\..\filename' in GitHub repository froxlor/froxlor before 2.0.0.
Froxlor Froxlor
7.5
CVSSv3
CVE-2023-50256
Froxlor is open source server administration software. Prior to version 2.1.2, it was possible to submit the registration form with the essential fields, such as the username and password, left intentionally blank. This inadvertent omission allowed for a bypass of the mandatory f...
Froxlor Froxlor
7.5
CVSSv3
CVE-2023-0564
Weak Password Requirements in GitHub repository froxlor/froxlor before 2.0.10.
Froxlor Froxlor
4.9
CVSSv3
CVE-2023-0565
Business Logic Errors in GitHub repository froxlor/froxlor before 2.0.10.
Froxlor Froxlor
4.8
CVSSv3
CVE-2023-0566
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in froxlor/froxlor before 2.0.10.
Froxlor Froxlor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »