Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
froxlor froxlor vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-0564
Weak Password Requirements in GitHub repository froxlor/froxlor before 2.0.10.
Froxlor Froxlor
4.9
CVSSv3
CVE-2023-0565
Business Logic Errors in GitHub repository froxlor/froxlor before 2.0.10.
Froxlor Froxlor
4.8
CVSSv3
CVE-2023-0566
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in froxlor/froxlor before 2.0.10.
Froxlor Froxlor
5.3
CVSSv3
CVE-2023-0572
Unchecked Error Condition in GitHub repository froxlor/froxlor before 2.0.10.
Froxlor Froxlor
8.8
CVSSv3
CVE-2023-0671
Code Injection in GitHub repository froxlor/froxlor before 2.0.10.
Froxlor Froxlor
7.2
CVSSv3
CVE-2023-3668
Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor before 2.0.21.
Froxlor Froxlor
4.6
CVSSv3
CVE-2022-3721
Code Injection in GitHub repository froxlor/froxlor before 0.10.39.
Froxlor Froxlor
9.8
CVSSv3
CVE-2021-42325
Froxlor up to and including 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name.
Froxlor Froxlor
1 Github repository
9.8
CVSSv3
CVE-2016-5100
Froxlor prior to 0.9.35 uses the PHP rand function for random number generation, which makes it easier for remote malicious users to guess the password reset token by predicting a value.
Froxlor Froxlor
9.8
CVSSv3
CVE-2015-5959
Froxlor prior to 0.9.33.2 with the default configuration/setup might allow remote malicious users to obtain the database password by reading /logs/sql-error.log.
Froxlor Froxlor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »