Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
getkirby kirby vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2020-26255
Kirby is a CMS. In Kirby CMS (getkirby/cms) before version 3.4.5, and Kirby Panel before version 2.5.14 , an editor with full access to the Kirby Panel can upload a PHP .phar file and execute it on the server. This vulnerability is critical if you might have potential attackers i...
Getkirby Panel
Getkirby Kirby
516
VMScore
CVE-2018-16627
panel/login in Kirby v2.5.12 allows Host header injection via the "forget password" feature.
Getkirby Kirby 2.5.12
383
VMScore
CVE-2020-26253
Kirby is a CMS. In Kirby CMS (getkirby/cms) before version 3.3.6, and Kirby Panel before version 2.5.14 there is a vulnerability in which the admin panel may be accessed if hosted on a .dev domain. In order to protect new installations on public servers that don't have an ad...
Getkirby Kirby
Getkirby Panel
355
VMScore
CVE-2017-16807
A cross-site Scripting (XSS) vulnerability in Kirby Panel prior to 2.3.3, 2.4.x prior to 2.4.2, and 2.5.x prior to 2.5.7 exists when displaying a specially prepared SVG document that has been uploaded as a content file.
Getkirby Panel
1 EDB exploit
312
VMScore
CVE-2021-32735
Kirby is a content management system. In Kirby CMS versions 3.5.5 and 3.5.6, the Panel's `ListItem` component (used in the pages and files section for example) displayed HTML in page titles as it is. This could be used for cross-site scripting (XSS) attacks. Malicious authen...
Getkirby Kirby
312
VMScore
CVE-2021-29460
Kirby is an open source CMS. An editor with write access to the Kirby Panel can upload an SVG file that contains harmful content like `<script>` tags. The direct link to that file can be sent to other users or visitors of the site. If the victim opens that link in a browser...
Getkirby Kirby
312
VMScore
CVE-2018-16623
Kirby V2.5.12 is prone to a Persistent XSS attack via the Title of the "Site options" in the admin panel dashboard dropdown.
Getkirby Kirby 2.5.12
312
VMScore
CVE-2018-16624
panel/pages/home/edit in Kirby v2.5.12 allows XSS via the title of a new page.
Getkirby Kirby 2.5.12
312
VMScore
CVE-2018-16630
Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file.
Getkirby Kirby 2.5.12
312
VMScore
CVE-2018-16628
panel/login in Kirby v2.5.12 allows XSS via a blog name.
Getkirby Kirby 2.5.12
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »