Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
soplanning soplanning 1.45 vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2020-9269
SOPlanning 1.45 is vulnerable to authenticated SQL Injection that leads to command execution via the users parameter, as demonstrated by export_ical.php.
Soplanning Soplanning 1.45
1 Github repository
6.5
CVSSv2
CVE-2019-20179
SOPlanning 1.45 has SQL injection via the user_list.php "by" parameter.
Soplanning Soplanning
5
CVSSv2
CVE-2020-9268
SoPlanning 1.45 is vulnerable to SQL Injection in the OrderBy clause, as demonstrated by the projets.php?order=nom_createur&by= substring.
Soplanning Soplanning 1.45
1 Github repository
4.3
CVSSv2
CVE-2020-9266
SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary changing of the admin password via process/xajax_server.php.
Soplanning Soplanning 1.45
1 Github repository
4.3
CVSSv2
CVE-2020-9267
SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary user creation via process/xajax_server.php.
Soplanning Soplanning 1.45
1 Github repository
3.5
CVSSv2
CVE-2020-9339
SOPlanning 1.45 allows XSS via the Name or Comment to status.php.
Soplanning Soplanning 1.45
3.5
CVSSv2
CVE-2020-9338
SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field.
Soplanning Soplanning 1.45
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started