Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
admidio admidio vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-32630
Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.0.4, there is an authenticated RCE via .phar file upload. A php web shell can be uploaded via the Documents & Files upload feature. Someone with upload ...
Admidio Admidio
7.2
CVSSv3
CVE-2017-6492
SQL Injection exists in adm_program/modules/dates/dates_function.php in Admidio 3.2.5. The POST parameter dat_cat_id is concatenated into a SQL query without any input validation/sanitization.
Admidio Admidio 3.2.5
4.5
CVSSv3
CVE-2017-8382
admidio 3.2.8 has CSRF in adm_program/modules/members/members_function.php with an impact of deleting arbitrary user accounts.
Admidio Admidio 3.2.8
1 EDB exploit
1 Github repository
NA
CVE-2008-5209
Directory traversal vulnerability in modules/download/get_file.php in Admidio 1.4.8 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Admidio Admidio 1.4.8
1 EDB exploit
6.1
CVSSv3
CVE-2023-47380
Admidio v4.2.12 and below is vulnerable to Cross Site Scripting (XSS).
Admidio Admidio 4.2.12
NA
CVE-2012-4748
Admidio 2.3.5 - Multiple Vulnerabilities
1 EDB exploit
NA
CVE-2012-4749
Admidio 2.3.5 - Multiple Vulnerabilities
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2