Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kanboard kanboard vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-36399
Kanboard is project management software that focuses on the Kanban methodology. The vuln is in app/Controller/ProjectPermissionController.php function addUser(). The users permission to add users to a project only get checked on the URL parameter project_id. If the user is author...
4.8
CVSSv3
CVE-2024-22720
Kanboard 1.2.34 is vulnerable to Html Injection in the group management feature.
Kanboard Kanboard 1.2.34
8.8
CVSSv3
CVE-2023-36813
Kanboard is project management software that focuses on the Kanban methodology. In versions before 1.2.31authenticated user is able to perform a SQL Injection, leading to a privilege escalation or loss of confidentiality. It appears that in some insert and update operations, the ...
Kanboard Kanboard
6.5
CVSSv3
CVE-2023-33956
Kanboard is open source project management software that focuses on the Kanban methodology. Versions before 1.2.30 are subject to an Insecure direct object reference (IDOR) vulnerability present in the application's URL parameter. This vulnerability enables any user to read ...
Kanboard Kanboard
5.4
CVSSv3
CVE-2023-33968
Kanboard is open source project management software that focuses on the Kanban methodology. Versions before 1.2.30 are subject to a missing access control vulnerability that allows a user with low privileges to create or transfer tasks to any project within the software, even if ...
Kanboard Kanboard
5.4
CVSSv3
CVE-2023-33969
Kanboard is open source project management software that focuses on the Kanban methodology. A stored Cross site scripting (XSS) allows an malicious user to execute arbitrary Javascript and any user who views the task containing the malicious code will be exposed to the XSS attack...
Kanboard Kanboard
6.5
CVSSv3
CVE-2023-33970
Kanboard is open source project management software that focuses on the Kanban methodology. A vulnerability related to a `missing access control` was found, which allows a User with the lowest privileges to leak all the tasks and projects titles within the software, even if they ...
Kanboard Kanboard
5.4
CVSSv3
CVE-2023-32685
Kanboard is project management software that focuses on the Kanban methodology. Due to improper handling of elements under the `contentEditable` element, maliciously crafted clipboard content can inject arbitrary HTML tags into the DOM. A low-privileged attacker with permission t...
Kanboard Kanboard
4.3
CVSSv3
CVE-2019-1003020
A server-side request forgery vulnerability exists in Jenkins Kanboard Plugin 1.5.10 and previous versions in KanboardGlobalConfiguration.java that allows attackers with Overall/Read permission to submit a GET request to an attacker-specified URL.
Jenkins Kanboard
6.1
CVSSv3
CVE-2019-7324
app/Core/Paginator.php in Kanboard prior to 1.2.8 has XSS in pagination sorting.
Kanboard Kanboard
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »