Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
naviwebs navigate cms 2.8 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-14014
An issue exists in Navigate CMS 2.8 and 2.9 r1433. The query parameter fid on the resource navigate.php does not perform sufficient data validation and/or encoding, making it vulnerable to reflected XSS.
Naviwebs Navigate Cms 2.8
Naviwebs Navigate Cms 2.9
9.8
CVSSv3
CVE-2018-17552
SQL Injection in login.php in Naviwebs Navigate CMS 2.8 allows remote malicious users to bypass authentication via the navigate-user cookie.
Naviwebs Navigate Cms 2.8
1 EDB exploit
6 Github repositories
8.8
CVSSv3
CVE-2018-17553
An "Unrestricted Upload of File with Dangerous Type" issue with directory traversal in navigate_upload.php in Naviwebs Navigate CMS 2.8 allows authenticated malicious users to achieve remote code execution via a POST request with engine=picnik and id=../../../navigate_i...
Naviwebs Navigate Cms 2.8
1 EDB exploit
4 Github repositories
5.4
CVSSv3
CVE-2018-17849
Navigate CMS 2.8 has Stored XSS via a navigate_upload.php (aka File Upload) request with a multipart/form-data JavaScript payload.
Naviwebs Navigate Cms 2.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started