Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kindeditor vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-28717
Cross Site Scripting (XSS) vulnerability in content1 parameter in demo.jsp in kindsoft kindeditor version 4.1.12, allows malicious users to execute arbitrary code.
Kindsoft Kindeditor 4.1.12
6.8
CVSSv2
CVE-2021-42228
A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html.
Kindsoft Kindeditor
4.3
CVSSv2
CVE-2021-42227
Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor (the file suffix is allowed).
Kindsoft Kindeditor
4.3
CVSSv2
CVE-2021-30086
Cross Site Scripting (XSS) vulnerability exists in KindEditor (Chinese versions) 4.1.12, which can be exploited by an malicious user to obtain user cookie information.
Kindsoft Kindeditor 4.1.12
4.3
CVSSv2
CVE-2021-37267
Cross Site Scripting (XSS) vulnerability exists in all versions of KindEditor, which can be exploited by an malicious user to obtain user cookie information.
Kindsoft Kindeditor -
4.3
CVSSv2
CVE-2020-23371
Cross-site scripting (XSS) vulnerability in static/admin/js/kindeditor/plugins/multiimage/images/swfupload.swf in noneCms v1.3.0 allows remote malicious users to inject arbitrary web script or HTML via the movieName parameter.
5none Nonecms 1.3.0
4.3
CVSSv2
CVE-2019-7543
In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting (XSS) vulnerability.
Kindsoft Kindeditor 4.1.11
5
CVSSv2
CVE-2018-18950
KindEditor up to and including 4.1.11 has a path traversal vulnerability in php/upload_json.php. Anyone can browse a file or directory in the kindeditor/attached/ folder via the path parameter without authentication.
Kindeditor Kindeditor
4
CVSSv2
CVE-2017-1002024
Vulnerability in web application Kind Editor v4.1.12, kindeditor/php/upload_json.php does not check authentication before allow users to upload files.
Kindsoft Kind Editor 4.1.11
Kindsoft Kind Editor 4.1.9
Kindsoft Kind Editor 4.1.2
Kindsoft Kindeditor 4.1.12
Kindsoft Kind Editor 4.0.5
Kindsoft Kind Editor 4.0.4
Kindsoft Kind Editor 4.0.3
Kindsoft Kind Editor 4.0.2
Kindsoft Kind Editor 4.1.10
Kindsoft Kind Editor 4.1.8
Kindsoft Kind Editor 4.1.3
Kindsoft Kind Editor 4.1.1
Kindsoft Kind Editor 4.0.6
Kindsoft Kind Editor 4.0.1
Kindsoft Kind Editor
Kindsoft Kind Editor 4.1.7
Kindsoft Kind Editor 4.1.6
Kindsoft Kind Editor 4.1.5
Kindsoft Kind Editor 4.1.4
Kindsoft Kind Editor 4.1
Kindsoft Kind Editor 4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started