Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
soplanning soplanning 1.45 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-9268
SoPlanning 1.45 is vulnerable to SQL Injection in the OrderBy clause, as demonstrated by the projets.php?order=nom_createur&by= substring.
Soplanning Soplanning 1.45
1 Github repository
4.3
CVSSv2
CVE-2020-9266
SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary changing of the admin password via process/xajax_server.php.
Soplanning Soplanning 1.45
1 Github repository
4.3
CVSSv2
CVE-2020-9267
SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary user creation via process/xajax_server.php.
Soplanning Soplanning 1.45
1 Github repository
9
CVSSv2
CVE-2020-9269
SOPlanning 1.45 is vulnerable to authenticated SQL Injection that leads to command execution via the users parameter, as demonstrated by export_ical.php.
Soplanning Soplanning 1.45
1 Github repository
3.5
CVSSv2
CVE-2020-9338
SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field.
Soplanning Soplanning 1.45
3.5
CVSSv2
CVE-2020-9339
SOPlanning 1.45 allows XSS via the Name or Comment to status.php.
Soplanning Soplanning 1.45
6.5
CVSSv2
CVE-2019-20179
SOPlanning 1.45 has SQL injection via the user_list.php "by" parameter.
Soplanning Soplanning
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started