Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
caldera vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2020-14462
CALDERA 2.7.0 allows XSS via the Operation Name box.
Mitre Caldera 2.7.0
3.5
CVSSv2
CVE-2018-7747
Multiple cross-site scripting (XSS) vulnerabilities in the Caldera Forms plugin prior to 1.6.0-rc.1 for WordPress allow remote malicious users to inject arbitrary web script or HTML via vectors involving (1) a greeting message, (2) the email transaction log, or (3) an imported fo...
Calderalabs Caldera Forms
1 EDB exploit
1 Github repository
2.6
CVSSv2
CVE-2000-0892
Some telnet clients allow remote telnet servers to request environment variables from the client that may contain sensitive information, or remote web servers to obtain the information via a telnet: URL.
U Win U Win
Caldera Openlinux
2.1
CVSSv2
CVE-2002-1231
SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc.
Caldera Unixware 7.1.1
Caldera Openunix 8.0
2.1
CVSSv2
CVE-2002-0887
scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files.
Caldera Openserver 5.0.5
Caldera Openserver 5.0.6
1 EDB exploit
2.1
CVSSv2
CVE-2001-0178
kdesu program in KDE2 (KDE prior to 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.
Conectiva Linux 6.0
Suse Suse Linux 6.2
Mandrakesoft Mandrake Linux 7.2
Mandrakesoft Mandrake Linux 7.0
Mandrakesoft Mandrake Linux Corporate Server 1.0.1
Mandrakesoft Mandrake Linux 7.1
Suse Suse Linux 6.0
Suse Suse Linux 6.1
Suse Suse Linux 7.0
Caldera Openlinux Edesktop 2.4
Suse Suse Linux 6.3
Suse Suse Linux 6.4
Mandrakesoft Mandrake Linux 6.1
2.1
CVSSv2
CVE-2000-0531
Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets.
Caldera Openlinux 2.4
Redhat Linux 6.0
Caldera Openlinux Eserver 2.3
Redhat Linux 6.1
Caldera Openlinux 2.3
1 EDB exploit
2.1
CVSSv2
CVE-1999-0712
A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable.
Caldera Coas 1.0.5
Caldera Coas 1.0.6
Caldera Coas 1.0.7
Caldera Openlinux 2.2
1.2
CVSSv2
CVE-2001-0139
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
Immunix Immunix 7.0 Beta
Caldera Openlinux Desktop 2.3
Mandrakesoft Mandrake Linux 7.2
Debian Debian Linux 2.2
Redhat Linux 7.0
Mandrakesoft Mandrake Linux 7.0
Mandrakesoft Mandrake Linux 7.1
Mandrakesoft Mandrake Linux 6.0
Caldera Openlinux Eserver 2.3
Caldera Openlinux Edesktop 2.4
Mandrakesoft Mandrake Linux 6.1
NA
CVE-2023-2330
The Caldera Forms Google Sheets Connector WordPress plugin prior to 1.3 does not have CSRF check when updating its Access Code, which could allow malicious users to make logged in admin change the access code to an arbitrary one via a CSRF attack
Gsheetconnector Caldera Forms Google Sheets Connector
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »