Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
orchardcore orchardcore vulnerabilities and exploits
(subscribe to this query)
9
CVSSv3
CVE-2022-37720
Orchardproject Orchard CMS 1.10.3 is vulnerable to Cross Site Scripting (XSS). When a low privileged user such as an author or publisher, injects a crafted html and javascript payload in a blog post, leading to full admin account takeover or privilege escalation when the maliciou...
Orchardcore Orchard Cms 1.10.3
5.4
CVSSv3
CVE-2022-32173
In OrchardCore rc1-11259 to v1.2.2 vulnerable to HTML injection, allow an authenticated user with an editor security role to inject a persistent HTML modal dialog component into the dashboard that will affect admin users.
Orchardcore Orchardcore
5.4
CVSSv3
CVE-2022-0822
Cross-site Scripting (XSS) - Reflected in GitHub repository orchardcms/orchardcore before 1.3.0.
Orchardcore Orchardcore
6.1
CVSSv3
CVE-2022-0820
Cross-site Scripting (XSS) - Stored in GitHub repository orchardcms/orchardcore before 1.3.0.
Orchardcore Orchardcore
6.5
CVSSv3
CVE-2022-0821
Improper Authorization in GitHub repository orchardcms/orchardcore before 1.3.0.
Orchardcore Orchardcore
5.4
CVSSv3
CVE-2022-0243
Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.Cms.Targets before 1.2.2.
Orchardcore Orchardcore
5.4
CVSSv3
CVE-2022-0274
Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.Cms.Targets before 1.2.2.
Orchardcore Orchardcore
5.4
CVSSv3
CVE-2022-0159
orchardcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Orchardcore Orchardcore
8.8
CVSSv3
CVE-2021-25966
In “Orchard core CMS” application, versions 1.0.0-beta1-3383 to 1.0.0 are vulnerable to an improper session termination after password change. When a password has been changed by the user or by an administrator, a user that was already logged in, will still have acces...
Orchardcore Orchard Core 1.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started