Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
montala resourcespace vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-31260
In Montala ResourceSpace up to and including 9.8 before r19636, csv_export_results_metadata.php allows malicious users to export collection metadata via a non-NULL k value.
Montala Resourcespace
Montala Resourcespace 9.8
9.1
CVSSv3
CVE-2021-41950
A directory traversal issue in ResourceSpace 9.6 prior to 9.6 rev 18277 allows remote unauthenticated malicious users to delete arbitrary files on the ResourceSpace server via the provider and variant parameters in pages/ajax/tiles.php. Attackers can delete configuration or sourc...
Montala Resourcespace 9.6
6.1
CVSSv3
CVE-2021-41951
ResourceSpace prior to 9.6 rev 18290 is affected by a reflected Cross-Site Scripting vulnerability in plugins/wordpress_sso/pages/index.php via the wordpress_user parameter. If an attacker is able to persuade a victim to visit a crafted URL, malicious JavaScript content may be ex...
Montala Resourcespace
Montala Resourcespace 9.6
9.8
CVSSv3
CVE-2021-41765
A SQL injection issue in pages/edit_fields/9_ajax/add_keyword.php of ResourceSpace 9.5 and 9.6 < rev 18274 allows remote unauthenticated malicious users to execute arbitrary SQL commands via the k parameter. This allows malicious users to uncover the full contents of the Resou...
Montala Resourcespace 9.5
Montala Resourcespace 9.6
NA
CVE-2015-6915
SQL injection vulnerability in Montala Limited ResourceSpace 7.3.7009 and previous versions allows remote malicious users to execute arbitrary SQL commands via the "user" cookie to plugins/feedback/pages/feedback.php.
Montala Resourcespace
NA
CVE-2015-3648
Directory traversal vulnerability in pages/setup.php in Montala Limited ResourceSpace prior to 7.2.6727 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the defaultlanguage parameter.
Montala Resourcespace
NA
CVE-2011-4311
ResourceSpace prior to 4.2.2833 does not properly validate access keys, which allows remote malicious users to bypass intended resource restrictions via unspecified vectors.
Montala Resourcespace
Montala Resourcespace 3.7.2088
Montala Resourcespace 3.5.1857
Montala Resourcespace 2.2.1240
Montala Resourcespace 4.1.2567
Montala Resourcespace 4.0.2429
Montala Resourcespace 3.9.2269
Montala Resourcespace 3.8.2144
Montala Resourcespace 3.3.1723
Montala Resourcespace 3.2.1651
Montala Resourcespace 3.1.1557
Montala Resourcespace 3.0.1490
Montala Resourcespace 3.6.2022
Montala Resourcespace 3.4.1794
Montala Resourcespace 2.3.1374
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started