Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
getkirby kirby vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-14520
An issue exists in Kirby 2.5.12. The application allows malicious HTTP requests to be sent in order to trick a user into adding web pages.
Getkirby Kirby 2.5.12
5.4
CVSSv3
CVE-2021-41258
Kirby is an open source file structured CMS. In affected versions Kirby's blocks field stores structured data for each block. This data is then used in block snippets to convert the blocks to HTML for use in your templates. We recommend to escape HTML special characters to p...
Getkirby Kirby
5.4
CVSSv3
CVE-2021-41252
Kirby is an open source file structured CMS ### Impact Kirby's writer field stores its formatted content as HTML code. Unlike with other field types, it is not possible to escape HTML special characters against cross-site scripting (XSS) attacks, otherwise the formatting wou...
Getkirby Kirby
5.4
CVSSv3
CVE-2021-32735
Kirby is a content management system. In Kirby CMS versions 3.5.5 and 3.5.6, the Panel's `ListItem` component (used in the pages and files section for example) displayed HTML in page titles as it is. This could be used for cross-site scripting (XSS) attacks. Malicious authen...
Getkirby Kirby
5.4
CVSSv3
CVE-2018-16624
panel/pages/home/edit in Kirby v2.5.12 allows XSS via the title of a new page.
Getkirby Kirby 2.5.12
5.4
CVSSv3
CVE-2018-16628
panel/login in Kirby v2.5.12 allows XSS via a blog name.
Getkirby Kirby 2.5.12
5.4
CVSSv3
CVE-2017-16807
A cross-site Scripting (XSS) vulnerability in Kirby Panel prior to 2.3.3, 2.4.x prior to 2.4.2, and 2.5.x prior to 2.5.7 exists when displaying a specially prepared SVG document that has been uploaded as a content file.
Getkirby Panel
1 EDB exploit
5.3
CVSSv3
CVE-2022-39315
Kirby is a Content Management System. Prior to versions 3.5.8.2, 3.6.6.2, 3.7.5.1, and 3.8.1, a user enumeration vulnerability affects all Kirby sites with user accounts unless Kirby's API and Panel are disabled in the config. It can only be exploited for targeted attacks be...
Getkirby Kirby
Getkirby Kirby 3.8.0
4.8
CVSSv3
CVE-2018-16623
Kirby V2.5.12 is prone to a Persistent XSS attack via the Title of the "Site options" in the admin panel dashboard dropdown.
Getkirby Kirby 2.5.12
4.8
CVSSv3
CVE-2018-16630
Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file.
Getkirby Kirby 2.5.12
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »