Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
caldera vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2021-24896
The Caldera Forms WordPress plugin prior to 1.9.5 does not sanitise and escape the Form Name before outputting it in attributes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Calderaforms Caldera Forms
312
VMScore
CVE-2020-14462
CALDERA 2.7.0 allows XSS via the Operation Name box.
Mitre Caldera 2.7.0
231
VMScore
CVE-2000-0892
Some telnet clients allow remote telnet servers to request environment variables from the client that may contain sensitive information, or remote web servers to obtain the information via a telnet: URL.
U Win U Win
Caldera Openlinux
215
VMScore
CVE-2002-0887
scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files.
Caldera Openserver 5.0.5
Caldera Openserver 5.0.6
1 EDB exploit
215
VMScore
CVE-2000-0531
Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets.
Caldera Openlinux 2.4
Redhat Linux 6.0
Caldera Openlinux Eserver 2.3
Redhat Linux 6.1
Caldera Openlinux 2.3
1 EDB exploit
187
VMScore
CVE-2002-1231
SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc.
Caldera Unixware 7.1.1
Caldera Openunix 8.0
187
VMScore
CVE-2001-0178
kdesu program in KDE2 (KDE prior to 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.
Conectiva Linux 6.0
Suse Suse Linux 6.2
Mandrakesoft Mandrake Linux 7.2
Mandrakesoft Mandrake Linux 7.0
Mandrakesoft Mandrake Linux Corporate Server 1.0.1
Mandrakesoft Mandrake Linux 7.1
Suse Suse Linux 6.0
Suse Suse Linux 6.1
Suse Suse Linux 7.0
Caldera Openlinux Edesktop 2.4
Suse Suse Linux 6.3
Suse Suse Linux 6.4
Mandrakesoft Mandrake Linux 6.1
187
VMScore
CVE-1999-0712
A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable.
Caldera Coas 1.0.5
Caldera Coas 1.0.6
Caldera Coas 1.0.7
Caldera Openlinux 2.2
107
VMScore
CVE-2001-0139
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
Immunix Immunix 7.0 Beta
Caldera Openlinux Desktop 2.3
Mandrakesoft Mandrake Linux 7.2
Debian Debian Linux 2.2
Redhat Linux 7.0
Mandrakesoft Mandrake Linux 7.0
Mandrakesoft Mandrake Linux 7.1
Mandrakesoft Mandrake Linux 6.0
Caldera Openlinux Eserver 2.3
Caldera Openlinux Edesktop 2.4
Mandrakesoft Mandrake Linux 6.1
NA
CVE-2023-2330
The Caldera Forms Google Sheets Connector WordPress plugin prior to 1.3 does not have CSRF check when updating its Access Code, which could allow malicious users to make logged in admin change the access code to an arbitrary one via a CSRF attack
Gsheetconnector Caldera Forms Google Sheets Connector
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »