Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
getkirby kirby vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2023-38490
Kirby is a content management system. A vulnerability in versions before 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 only affects Kirby sites that use the `Xml` data handler (e.g. `Data::decode($string, 'xml')`) or the `Xml::parse()` method in site or plugin code. The...
Getkirby Kirby
9.8
CVSSv3
CVE-2017-20174
A vulnerability was found in bastianallgeier Kirby Webmentions Plugin and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to injection. The attack may be launched remotely. The complexity of an attack is rather high. The exp...
Getkirby Webmentions
9.1
CVSSv3
CVE-2020-26255
Kirby is a CMS. In Kirby CMS (getkirby/cms) before version 3.4.5, and Kirby Panel before version 2.5.14 , an editor with full access to the Kirby Panel can upload a PHP .phar file and execute it on the server. This vulnerability is critical if you might have potential attackers i...
Getkirby Kirby
Getkirby Panel
8.8
CVSSv3
CVE-2023-38488
Kirby is a content management system. A vulnerability in versions before 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites that might have potential attackers in the group of authenticated Panel users or that allow external visitors to update a Kirby content f...
Getkirby Kirby
7.5
CVSSv3
CVE-2023-38492
Kirby is a content management system. A vulnerability in versions before 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites with user accounts (unless Kirby's API and Panel are disabled in the config). The real-world impact of this vulnerability is limited...
Getkirby Kirby
7.3
CVSSv3
CVE-2023-38489
Kirby is a content management system. A vulnerability in versions before 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites with user accounts (unless Kirby's API and Panel are disabled in the config). It can only be abused if a Kirby user is logged in on ...
Getkirby Kirby
6.1
CVSSv3
CVE-2018-16627
panel/login in Kirby v2.5.12 allows Host header injection via the "forget password" feature.
Getkirby Kirby 2.5.12
5.9
CVSSv3
CVE-2020-26253
Kirby is a CMS. In Kirby CMS (getkirby/cms) before version 3.3.6, and Kirby Panel before version 2.5.14 there is a vulnerability in which the admin panel may be accessed if hosted on a .dev domain. In order to protect new installations on public servers that don't have an ad...
Getkirby Kirby
Getkirby Panel
5.4
CVSSv3
CVE-2023-38491
Kirby is a content management system. A vulnerability in versions before 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites that might have potential attackers in the group of authenticated Panel users or that allow external visitors to upload an arbitrary file...
Getkirby Kirby
5.4
CVSSv3
CVE-2022-36037
kirby is a content management system (CMS) that adapts to many different projects and helps you build your own ideal interface. Cross-site scripting (XSS) is a type of vulnerability that allows execution of any kind of JavaScript code inside the Panel session of the same or other...
Getkirby Kirby
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »