Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lavalite vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-36983
LavaLite CMS v 9.0.0 is vulnerable to Sensitive Data Exposure.
Lavalite Lavalite 9.0.0
NA
CVE-2023-36984
LavaLite CMS v 9.0.0 is vulnerable to Sensitive Data Exposure.
Lavalite Lavalite 9.0.0
NA
CVE-2023-30124
LavaLite v9.0.0 is vulnerable to Cross Site Scripting (XSS).
Lavalite Lavalite 9.0.0
NA
CVE-2023-27237
LavaLite CMS v 9.0.0 exists to be vulnerable to a host header injection attack.
Lavalite Lavalite 9.0.0
NA
CVE-2023-27238
LavaLite CMS v 9.0.0 exists to be vulnerable to web cache poisoning.
Lavalite Lavalite 9.0.0
NA
CVE-2022-42188
In Lavalite 9.0.0, the XSRF-TOKEN cookie is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server.
Lavalite Lavalite 9.0.0
3.5
CVSSv2
CVE-2020-23234
Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers, such as "ontoggle,".
Lavalite Lavalite 5.8.0
3.5
CVSSv2
CVE-2020-23700
Cross Site Scripting (XSS) vulnerability in LavaLite-CMS 5.8.0 via the Menu Links feature.
Lavalite Lavalite 5.8.0
3.5
CVSSv2
CVE-2020-36395
A stored cross site scripting (XSS) vulnerability in the /admin/user/team component of LavaLite 5.8.0 allows authenticated malicious users to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter.
Lavalite Lavalite 5.8.0
3.5
CVSSv2
CVE-2020-36396
A stored cross site scripting (XSS) vulnerability in the /admin/roles/role component of LavaLite 5.8.0 allows authenticated malicious users to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter.
Lavalite Lavalite 5.8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »