Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
recipe module vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2020-9309
Silverstripe CMS up to and including 4.5 can be susceptible to script execution from malicious upload contents under allowed file extensions (for example HTML code in a TXT file). When these files are stored as protected or draft files, the MIME detection can cause browsers to ex...
Silverstripe Mimevalidator
Silverstripe Recipe
5.1
CVSSv2
CVE-2006-4120
Cross-site scripting (XSS) vulnerability in the Recipe module (recipe.module) prior to 1.54 for Drupal 4.6 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Drupal Drupal 4.0
Drupal Drupal 4.4.0
Drupal Drupal 4.4.1
Drupal Drupal 4.5.5
Drupal Drupal 4.5.6
Drupal Drupal 4.5.1
Drupal Drupal 4.5.2
Drupal Recipe Module
Drupal Drupal 4.5.3
Drupal Drupal 4.5.4
Drupal Drupal 4.4.2
Drupal Drupal 4.5
Drupal Drupal 4.5.7
Drupal Drupal
7.5
CVSSv2
CVE-2008-7226
SQL injection vulnerability in index.php in the Recipes module 1.3, 1.4, and possibly other versions for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the recipeid parameter.
Php-nuke Recipe Module 1.3
Php-nuke Recipe Module 1.4
1 EDB exploit
3.5
CVSSv2
CVE-2020-25454
Cross-site Scripting (XSS) vulnerability in grocy 2.7.1 via the add recipe module, which gets executed when deleting the recipe.
Grocy Project Grocy 2.7.1
5
CVSSv2
CVE-2020-6165
SilverStripe 4.5.0 allows malicious users to read certain records that should not have been placed into a result set. This affects silverstripe/recipe-cms. The automatic permission-checking mechanism in the silverstripe/graphql module does not provide complete protection against ...
Silverstripe Silverstripe
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started