Vulmon
kanboard kanboard vulnerabilities and exploits
NA
CVE-2024-36399
Kanboard is project management software that focuses on the Kanban methodology. The vulnerability is in the addUser() function of app/Controller/ProjectPermissionController.php. The user's permission to add users to a project is only checked against the URL parameter project_id. If the user is author...
4.8
CVSSv3
CVE-2024-22720
Kanboard 1.2.34 is vulnerable to HTML injection in the group management feature.
Kanboard Kanboard 1.2.34
8.8
CVSSv3
CVE-2023-36813
Kanboard is project management software that focuses on the Kanban methodology. In versions before 1.2.31, an authenticated user is able to perform a SQL injection, leading to a privilege escalation or loss of confidentiality. It appears that in some insert and update operations, the ...
Kanboard Kanboard
5.4
CVSSv3
CVE-2023-33968
Kanboard is open source project management software that focuses on the Kanban methodology. Versions before 1.2.30 are subject to a missing access control vulnerability that allows a user with low privileges to create or transfer tasks to any project within the software, even if ...
Kanboard Kanboard
6.5
CVSSv3
CVE-2023-33970
Kanboard is open source project management software that focuses on the Kanban methodology. A vulnerability related to a `missing access control` was found, which allows a user with the lowest privileges to leak all the task and project titles within the software, even if they ...
Kanboard Kanboard
5.4
CVSSv3
CVE-2023-33969
Kanboard is open source project management software that focuses on the Kanban methodology. A stored cross-site scripting (XSS) vulnerability allows a malicious user to execute arbitrary JavaScript, and any user who views the task containing the malicious code will be exposed to the XSS attack...
Kanboard Kanboard
6.5
CVSSv3
CVE-2023-33956
Kanboard is open source project management software that focuses on the Kanban methodology. Versions before 1.2.30 are subject to an insecure direct object reference (IDOR) vulnerability present in the application's URL parameter. This vulnerability enables any user to read ...
Kanboard Kanboard
5.4
CVSSv3
CVE-2023-32685
Kanboard is project management software that focuses on the Kanban methodology. Due to improper handling of elements under the `contentEditable` element, maliciously crafted clipboard content can inject arbitrary HTML tags into the DOM. A low-privileged attacker with permission t...
Kanboard Kanboard
4.3
CVSSv3
CVE-2019-1003020
A server-side request forgery vulnerability exists in Jenkins Kanboard Plugin 1.5.10 and previous versions in KanboardGlobalConfiguration.java that allows attackers with Overall/Read permission to submit a GET request to an attacker-specified URL.
Jenkins Kanboard
6.1
CVSSv3
CVE-2019-7324
app/Core/Paginator.php in Kanboard prior to 1.2.8 has XSS in pagination sorting.
Kanboard Kanboard