Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
froxlor froxlor vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-4304
Business Logic Errors in GitHub repository froxlor/froxlor before 2.0.22,2.1.0.
Froxlor Froxlor
NA
CVE-2022-3869
Code Injection in GitHub repository froxlor/froxlor before 0.10.38.2.
Froxlor Froxlor
578
VMScore
CVE-2020-10235
An issue exists in Froxlor prior to 0.10.14. Remote attackers with access to the installation routine could have executed arbitrary code via the database configuration options that were passed unescaped to exec, because of _backupExistingDatabase in install/lib/class.FroxlorInsta...
Froxlor Froxlor
187
VMScore
CVE-2020-10237
An issue exists in Froxlor up to and including 0.10.15. The installer wrote configuration parameters including passwords into files in /tmp, setting proper permissions only after writing the sensitive data. A local attacker could have disclosed the information if he read the file...
Froxlor Froxlor
445
VMScore
CVE-2018-12642
Froxlor up to and including 0.9.39.5 has Incorrect Access Control for tickets not owned by the current user.
Froxlor Froxlor
NA
CVE-2023-2034
Unrestricted Upload of File with Dangerous Type in GitHub repository froxlor/froxlor before 2.0.14.
Froxlor Froxlor
NA
CVE-2023-1307
Authentication Bypass by Primary Weakness in GitHub repository froxlor/froxlor before 2.0.13.
Froxlor Froxlor
383
VMScore
CVE-2020-29653
Froxlor up to and including 0.10.22 does not perform validation on user input passed in the customermail GET parameter. The value of this parameter is reflected in the login webpage, allowing the injection of arbitrary HTML tags.
Froxlor Froxlor
NA
CVE-2023-50256
Froxlor is open source server administration software. Prior to version 2.1.2, it was possible to submit the registration form with the essential fields, such as the username and password, left intentionally blank. This inadvertent omission allowed for a bypass of the mandatory f...
Froxlor Froxlor
NA
CVE-2022-4864
Argument Injection in GitHub repository froxlor/froxlor before 2.0.0-beta1.
Froxlor Froxlor
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »