Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
froxlor froxlor vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-50256
Froxlor is open source server administration software. Prior to version 2.1.2, it was possible to submit the registration form with the essential fields, such as the username and password, left intentionally blank. This inadvertent omission allowed for a bypass of the mandatory f...
Froxlor Froxlor
4.3
CVSSv3
CVE-2022-4868
Improper Authorization in GitHub repository froxlor/froxlor before 2.0.0-beta1.
Froxlor Froxlor
8.8
CVSSv3
CVE-2020-10235
An issue exists in Froxlor prior to 0.10.14. Remote attackers with access to the installation routine could have executed arbitrary code via the database configuration options that were passed unescaped to exec, because of _backupExistingDatabase in install/lib/class.FroxlorInsta...
Froxlor Froxlor
5.5
CVSSv3
CVE-2020-10237
An issue exists in Froxlor up to and including 0.10.15. The installer wrote configuration parameters including passwords into files in /tmp, setting proper permissions only after writing the sensitive data. A local attacker could have disclosed the information if he read the file...
Froxlor Froxlor
9.8
CVSSv3
CVE-2023-1307
Authentication Bypass by Primary Weakness in GitHub repository froxlor/froxlor before 2.0.13.
Froxlor Froxlor
2.7
CVSSv3
CVE-2023-4304
Business Logic Errors in GitHub repository froxlor/froxlor before 2.0.22,2.1.0.
Froxlor Froxlor
6.5
CVSSv3
CVE-2022-3017
Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor before 0.10.38.
Froxlor Froxlor
7.2
CVSSv3
CVE-2018-1000527
Froxlor version <= 0.9.39.5 contains a PHP Object Injection vulnerability in Domain name form that can result in Possible information disclosure and remote code execution. This attack appear to be exploitable via Passing malicious PHP objection in $_POST['ssl_ipandport...
Froxlor Froxlor
4.3
CVSSv3
CVE-2022-4867
Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor before 2.0.0-beta1.
Froxlor Froxlor
5.4
CVSSv3
CVE-2023-4829
Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor before 2.0.22.
Froxlor Froxlor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »