Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rukovoditel vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-43165
A stored cross-site scripting (XSS) vulnerability in the Global Variables feature (/index.php?module=global_vars/vars) of Rukovoditel v3.2.1 allows authenticated malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Value parameter after...
Rukovoditel Rukovoditel 3.2.1
5.4
CVSSv3
CVE-2022-43166
A stored cross-site scripting (XSS) vulnerability in the Global Entities feature (/index.php?module=entities/entities) of Rukovoditel v3.2.1 allows authenticated malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter after ...
Rukovoditel Rukovoditel 3.2.1
5.4
CVSSv3
CVE-2022-43167
A stored cross-site scripting (XSS) vulnerability in the Users Alerts feature (/index.php?module=users_alerts/users_alerts) of Rukovoditel v3.2.1 allows authenticated malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter ...
Rukovoditel Rukovoditel 3.2.1
5.4
CVSSv3
CVE-2022-43169
A stored cross-site scripting (XSS) vulnerability in the Users Access Groups feature (/index.php?module=users_groups/users_groups) of Rukovoditel v3.2.1 allows authenticated malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Name para...
Rukovoditel Rukovoditel 3.2.1
5.4
CVSSv3
CVE-2022-43170
A stored cross-site scripting (XSS) vulnerability in the Dashboard Configuration feature (index.php?module=dashboard_configure/index) of Rukovoditel v3.2.1 allows authenticated malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Title ...
Rukovoditel Rukovoditel 3.2.1
9.8
CVSSv3
CVE-2020-11812
Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the filters[0][value] or filters[1][value] parameter.
Rukovoditel Rukovoditel 2.5.2
9.8
CVSSv3
CVE-2020-11817
In Rukovoditel V2.5.2, attackers can upload an arbitrary file to the server just changing the the content-type value. As a result of that, an attacker can execute a command on the server. This specific attack only occurs with the Maintenance Mode setting.
Rukovoditel Rukovoditel 2.5.2
5.4
CVSSv3
CVE-2022-44944
Rukovoditel v3.2.1 exists to contain a stored cross-site scripting (XSS) vulnerability in the Add Announcement function at /index.php?module=help_pages/pages&entities_id=24. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted paylo...
Rukovoditel Rukovoditel 3.2.1
5.4
CVSSv3
CVE-2022-44947
Rukovoditel v3.2.1 exists to contain a stored cross-site scripting (XSS) vulnerability in the Highlight Row feature at /index.php?module=entities/listing_types&entities_id=24. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted pay...
Rukovoditel Rukovoditel 3.2.1
5.4
CVSSv3
CVE-2022-44949
Rukovoditel v3.2.1 exists to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields&entities_id=24. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload i...
Rukovoditel Rukovoditel 3.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »