Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
froxlor froxlor vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-0316
Path Traversal: '\..\filename' in GitHub repository froxlor/froxlor before 2.0.0.
Froxlor Froxlor
7.5
CVSSv3
CVE-2023-0564
Weak Password Requirements in GitHub repository froxlor/froxlor before 2.0.10.
Froxlor Froxlor
4.9
CVSSv3
CVE-2023-0565
Business Logic Errors in GitHub repository froxlor/froxlor before 2.0.10.
Froxlor Froxlor
4.8
CVSSv3
CVE-2023-0566
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in froxlor/froxlor before 2.0.10.
Froxlor Froxlor
5.3
CVSSv3
CVE-2023-0572
Unchecked Error Condition in GitHub repository froxlor/froxlor before 2.0.10.
Froxlor Froxlor
7.5
CVSSv3
CVE-2018-12642
Froxlor up to and including 0.9.39.5 has Incorrect Access Control for tickets not owned by the current user.
Froxlor Froxlor
8.8
CVSSv3
CVE-2020-10235
An issue exists in Froxlor prior to 0.10.14. Remote attackers with access to the installation routine could have executed arbitrary code via the database configuration options that were passed unescaped to exec, because of _backupExistingDatabase in install/lib/class.FroxlorInsta...
Froxlor Froxlor
9.8
CVSSv3
CVE-2015-5959
Froxlor prior to 0.9.33.2 with the default configuration/setup might allow remote malicious users to obtain the database password by reading /logs/sql-error.log.
Froxlor Froxlor
7.5
CVSSv3
CVE-2023-2666
Allocation of Resources Without Limits or Throttling in GitHub repository froxlor/froxlor before 2.0.16.
Froxlor Froxlor
7.2
CVSSv3
CVE-2018-1000527
Froxlor version <= 0.9.39.5 contains a PHP Object Injection vulnerability in Domain name form that can result in Possible information disclosure and remote code execution. This attack appear to be exploitable via Passing malicious PHP objection in $_POST['ssl_ipandport...
Froxlor Froxlor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »