Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
uptime-kuma project uptime-kuma vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-25811
Uptime Kuma is a self-hosted monitoring tool. In versions before 1.20.0 the Uptime Kuma `name` parameter allows a persistent XSS attack. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Uptime-kuma Project Uptime-kuma
8.1
CVSSv3
CVE-2023-36822
Uptime Kuma, a self-hosted monitoring tool, has a path traversal vulnerability in versions before 1.22.1. Uptime Kuma allows authenticated users to install plugins from an official list of plugins. This feature is currently disabled in the web interface, but the corresponding API...
Uptime-kuma Project Uptime-kuma
5.4
CVSSv3
CVE-2023-25810
Uptime Kuma is a self-hosted monitoring tool. In versions before 1.20.0 the Uptime Kuma status page allows a persistent XSS attack. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Uptime-kuma Project Uptime-kuma
6.1
CVSSv3
CVE-2023-26777
Cross Site Scripting vulnerability found in : louislam Uptime Kuma v.1.19.6 and before allows a remote malicious user to execute arbitrary commands via the description, title, footer, and incident creation parameter of the status_page.js endpoint.
Uptime Kuma Project Uptime Kuma
8.8
CVSSv3
CVE-2023-36821
Uptime Kuma, a self-hosted monitoring tool, allows an authenticated malicious user to install a maliciously crafted plugin in versions before 1.22.1, which may lead to remote code execution. Uptime Kuma allows authenticated users to install plugins from an official list of plugin...
Uptime-kuma Project Uptime-kuma
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started