Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bookstack vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2021-3767
bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Bookstackapp Bookstack
NA
CVE-2023-4624
Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/bookstack prior to v23.08.
Bookstackapp Bookstack
4
CVSSv2
CVE-2021-3906
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type
Bookstackapp Bookstack
4
CVSSv2
CVE-2021-3944
bookstack is vulnerable to Cross-Site Request Forgery (CSRF)
Bookstackapp Bookstack
4
CVSSv2
CVE-2021-4026
bookstack is vulnerable to Improper Access Control
Bookstackapp Bookstack
4
CVSSv2
CVE-2021-3916
bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Bookstackapp Bookstack
4
CVSSv2
CVE-2021-3874
bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Bookstackapp Bookstack
9
CVSSv2
CVE-2020-5256
BookStack before version 0.25.5 has a vulnerability where a user could upload PHP files through image upload functions, which would allow them to execute code on the host system remotely. They would then have the permissions of the PHP process. This most impacts scenarios where n...
Bookstackapp Bookstack
4
CVSSv2
CVE-2021-4194
bookstack is vulnerable to Improper Access Control
Bookstackapp Bookstack
3.5
CVSSv2
CVE-2017-1000462
BookStack version 0.18.4 is vulnerable to stored cross-site scripting, within the page creation page, which can result in disruption of service and execution of javascript code.
Bookstackapp Bookstack 0.18.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2