Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
getkirby kirby vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2018-14519
An issue exists in Kirby 2.5.12. The delete page functionality suffers from a CSRF flaw. A remote attacker can craft a malicious CSRF page and force the user to delete a page.
Getkirby Kirby 2.5.12
187
VMScore
CVE-2021-41252
Kirby is an open source file structured CMS ### Impact Kirby's writer field stores its formatted content as HTML code. Unlike with other field types, it is not possible to escape HTML special characters against cross-site scripting (XSS) attacks, otherwise the formatting wou...
Getkirby Kirby
187
VMScore
CVE-2021-41258
Kirby is an open source file structured CMS. In affected versions Kirby's blocks field stores structured data for each block. This data is then used in block snippets to convert the blocks to HTML for use in your templates. We recommend to escape HTML special characters to p...
Getkirby Kirby
312
VMScore
CVE-2021-32735
Kirby is a content management system. In Kirby CMS versions 3.5.5 and 3.5.6, the Panel's `ListItem` component (used in the pages and files section for example) displayed HTML in page titles as it is. This could be used for cross-site scripting (XSS) attacks. Malicious authen...
Getkirby Kirby
578
VMScore
CVE-2020-26255
Kirby is a CMS. In Kirby CMS (getkirby/cms) before version 3.4.5, and Kirby Panel before version 2.5.14 , an editor with full access to the Kirby Panel can upload a PHP .phar file and execute it on the server. This vulnerability is critical if you might have potential attackers i...
Getkirby Kirby
Getkirby Panel
383
VMScore
CVE-2020-26253
Kirby is a CMS. In Kirby CMS (getkirby/cms) before version 3.3.6, and Kirby Panel before version 2.5.14 there is a vulnerability in which the admin panel may be accessed if hosted on a .dev domain. In order to protect new installations on public servers that don't have an ad...
Getkirby Kirby
Getkirby Panel
312
VMScore
CVE-2018-16623
Kirby V2.5.12 is prone to a Persistent XSS attack via the Title of the "Site options" in the admin panel dashboard dropdown.
Getkirby Kirby 2.5.12
312
VMScore
CVE-2018-16624
panel/pages/home/edit in Kirby v2.5.12 allows XSS via the title of a new page.
Getkirby Kirby 2.5.12
312
VMScore
CVE-2018-16630
Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file.
Getkirby Kirby 2.5.12
516
VMScore
CVE-2018-16627
panel/login in Kirby v2.5.12 allows Host header injection via the "forget password" feature.
Getkirby Kirby 2.5.12
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »