Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
travianz project travianz 8.3.4 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-36993
The cryptographically insecure random number generator being used in TravianZ 8.3.4 and 8.3.3 in the password reset function allows an malicious user to guess the password reset.parameters and to take over accounts.
Travianz Project Travianz 8.3.4
Travianz Project Travianz 8.3.3
9.8
CVSSv3
CVE-2023-36994
In TravianZ 8.3.4 and 8.3.3, Incorrect Access Control in the installation script allows an malicious user to overwrite the server configuration and inject PHP code.
Travianz Project Travianz 8.3.4
Travianz Project Travianz 8.3.3
7.2
CVSSv3
CVE-2023-36992
PHP injection in TravianZ 8.3.4 and 8.3.3 in the config editor in the admin page allows remote malicious users to execute PHP code.
Travianz Project Travianz 8.3.4
Travianz Project Travianz 8.3.3
6.1
CVSSv3
CVE-2023-36995
TravianZ up to and including 8.3.4 allows XSS via the Alliance tag/name, the statistics page, the link preferences, the Admin Logs, or the COOKUSR cookie.
Travianz Project Travianz
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started