Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lavalite vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2019-17434
LavaLite up to and including 5.7 has XSS via a crafted account name that is mishandled on the Manage Clients screen.
Lavalite Lavalite
NA
CVE-2023-36983
LavaLite CMS v 9.0.0 is vulnerable to Sensitive Data Exposure.
Lavalite Lavalite 9.0.0
NA
CVE-2023-36984
LavaLite CMS v 9.0.0 is vulnerable to Sensitive Data Exposure.
Lavalite Lavalite 9.0.0
NA
CVE-2023-30124
LavaLite v9.0.0 is vulnerable to Cross Site Scripting (XSS).
Lavalite Lavalite 9.0.0
NA
CVE-2022-42188
In Lavalite 9.0.0, the XSRF-TOKEN cookie is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server.
Lavalite Lavalite 9.0.0
NA
CVE-2023-27237
LavaLite CMS v 9.0.0 exists to be vulnerable to a host header injection attack.
Lavalite Lavalite 9.0.0
NA
CVE-2023-27238
LavaLite CMS v 9.0.0 exists to be vulnerable to web cache poisoning.
Lavalite Lavalite 9.0.0
312
VMScore
CVE-2020-28124
Cross Site Scripting (XSS) in LavaLite 5.8.0 via the Address field.
Lavalite Lavalite 5.8.0
312
VMScore
CVE-2017-1000467
LavaLite version 5.2.4 is vulnerable to stored cross-site scripting vulnerability, within the blog creation page, which can result in disruption of service and execution of javascript code.
Lavalite Lavalite 5.2.4
312
VMScore
CVE-2020-23700
Cross Site Scripting (XSS) vulnerability in LavaLite-CMS 5.8.0 via the Menu Links feature.
Lavalite Lavalite 5.8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »