Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ghost ghost vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-47194
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger...
Ghost Ghost 5.9.4
5.4
CVSSv3
CVE-2022-47195
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger...
Ghost Ghost 5.9.4
5.4
CVSSv3
CVE-2022-47196
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger...
Ghost Ghost 5.9.4
5.4
CVSSv3
CVE-2022-47197
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger...
Ghost Ghost 5.9.4
2 Github repositories
9.8
CVSSv3
CVE-2022-27139
An arbitrary file upload vulnerability in the file upload module of Ghost v4.39.0 allows malicious users to execute arbitrary code via a crafted SVG file. NOTE: Vendor states that as outlined in Ghost's security documentation, upload of SVGs is only possible by trusted authe...
Ghost Ghost 4.39.0
9.8
CVSSv3
CVE-2022-28397
An arbitrary file upload vulnerability in the file upload module of Ghost CMS v4.42.0 allows malicious users to execute arbitrary code via a crafted file. NOTE: Vendor states as detailed in Ghost's security documentation, files can only be uploaded and published by trusted u...
Ghost Ghost 4.42.0
5.7
CVSSv3
CVE-2023-26510
Ghost 5.35.0 allows authorization bypass: contributors can view draft posts of other users, which is arguably inconsistent with a security policy in which a contributor's draft can only be read by editors until published by an editor. NOTE: the vendor's position is that...
Ghost Ghost 5.35.0
7.3
CVSSv3
CVE-2018-18364
Symantec Ghost Solution Suite (GSS) versions before 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. This occurs via placement of a potentially foreign file (DLL...
Symantec Ghost Solution Suite 2.5
Symantec Ghost Solution Suite 2.0
Symantec Ghost Solution Suite 3.2
Symantec Ghost Solution Suite 3.0
Symantec Ghost Solution Suite 3.1
Symantec Ghost Solution Suite 3.3
NA
CVE-2015-5689
ghostexp.exe in Ghost Explorer Utility in Symantec Ghost Solutions Suite (GSS) prior to 3.0 HF2 12.0.0.8010 and Symantec Deployment Solution (DS) prior to 7.6 HF4 12.0.0.7045 performs improper sign-extend operations before array-element accesses, which allows remote malicious use...
Symantec Ghost Solutions Suite 1.0
Symantec Ghost Solutions Suite 1.1
Symantec Ghost Solutions Suite 2.0.1
Symantec Ghost Solutions Suite 2.0
Symantec Ghost Solutions Suite 2.1
Symantec Ghost Solutions Suite 2.0.2
Symantec Deployment Solution 6.9
NA
CVE-2012-0306
Symantec Ghost Solution Suite 2.x up to and including 2.5.1 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted backup file.
Symantec Ghost Solutions Suite 2.5
Symantec Ghost Solutions Suite 2.0.0
Symantec Ghost Solutions Suite 2.0.1
Symantec Ghost Solutions Suite 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »