Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sencha vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2012-1238
Session fixation vulnerability in SENCHA SNS prior to 1.0.2 allows remote malicious users to hijack web sessions via unspecified vectors.
Icz Sencha Sns
Icz Sencha Sns 1.0.0
6.8
CVSSv2
CVE-2012-1237
Cross-site request forgery (CSRF) vulnerability in SENCHA SNS prior to 1.0.2 allows remote malicious users to hijack the authentication of arbitrary users.
Icz Sencha Sns
Icz Sencha Sns 1.0.0
3.5
CVSSv2
CVE-2018-3717
connect node module prior to 2.14.0 suffers from a Cross-Site Scripting (XSS) vulnerability due to a lack of validation of file in directory.js middleware.
Sencha Connect
4.3
CVSSv2
CVE-2013-4691
Sencha Labs Connect has XSS with connect.methodOverride()
Sencha Connect -
4.3
CVSSv2
CVE-2018-8046
The getTip() method of Action Columns of Sencha Ext JS 4 to 6 prior to 6.6.0 is vulnerable to XSS attacks, even when passed HTML-escaped data. This framework brings no built-in XSS protection, so the developer has to ensure that data is correctly sanitized. However, the getTip() ...
Sencha Ext Js
5
CVSSv2
CVE-2007-6758
Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0.
Sencha Ext Js 5.0.0
4.3
CVSSv2
CVE-2013-7371
node-connects prior to 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix for CVE-2013-7370)
Sencha Connect
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2013-7370
node-connect prior to 2.8.1 has XSS in the Sencha Labs Connect middleware
Redhat Openshift 2.0
Sencha Connect
Opensuse Opensuse 13.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started