Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
soplanning soplanning 1.45 vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2020-9338
SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field.
Soplanning Soplanning 1.45
3.5
CVSSv2
CVE-2020-9339
SOPlanning 1.45 allows XSS via the Name or Comment to status.php.
Soplanning Soplanning 1.45
4.3
CVSSv2
CVE-2020-9266
SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary changing of the admin password via process/xajax_server.php.
Soplanning Soplanning 1.45
1 Github repository
4.3
CVSSv2
CVE-2020-9267
SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary user creation via process/xajax_server.php.
Soplanning Soplanning 1.45
1 Github repository
5
CVSSv2
CVE-2020-9268
SoPlanning 1.45 is vulnerable to SQL Injection in the OrderBy clause, as demonstrated by the projets.php?order=nom_createur&by= substring.
Soplanning Soplanning 1.45
1 Github repository
9
CVSSv2
CVE-2020-9269
SOPlanning 1.45 is vulnerable to authenticated SQL Injection that leads to command execution via the users parameter, as demonstrated by export_ical.php.
Soplanning Soplanning 1.45
1 Github repository
6.5
CVSSv2
CVE-2019-20179
SOPlanning 1.45 has SQL injection via the user_list.php "by" parameter.
Soplanning Soplanning
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started