Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redmine redmine vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2015-8473
The Issues API in Redmine prior to 2.6.8, 3.0.x prior to 3.0.6, and 3.1.x prior to 3.1.2 allows remote authenticated users to obtain sensitive information in changeset messages by leveraging permission to read issues with related changesets from other projects.
Debian Debian Linux 8.0
Redmine Redmine 3.1.0
Redmine Redmine 3.1.1
Redmine Redmine 3.0.4
Redmine Redmine 3.0.2
Redmine Redmine 3.0.0
Redmine Redmine 3.0.1
Redmine Redmine
Redmine Redmine 3.0.5
Redmine Redmine 3.0.3
7.4
CVSSv3
CVE-2015-8474
Open redirect vulnerability in the valid_back_url function in app/controllers/application_controller.rb in Redmine prior to 2.6.7, 3.0.x prior to 3.0.5, and 3.1.x prior to 3.1.1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks vi...
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Redmine Redmine 3.1.0
Redmine Redmine 3.0.4
Redmine Redmine 3.0.3
Redmine Redmine 2.5.1
Redmine Redmine 3.0.0
Redmine Redmine 3.0.2
Redmine Redmine 3.0.1
Redmine Redmine
5.3
CVSSv3
CVE-2015-8537
app/views/journals/index.builder in Redmine prior to 2.6.9, 3.0.x prior to 3.0.7, and 3.1.x prior to 3.1.3 allows remote malicious users to obtain sensitive information by viewing an Atom feed.
Debian Debian Linux 8.0
Redmine Redmine
Redmine Redmine 3.0.3
Redmine Redmine 3.0.0
Redmine Redmine 3.1.2
Redmine Redmine 3.1.1
Redmine Redmine 3.0.6
Redmine Redmine 3.0.5
Redmine Redmine 3.1.0
Redmine Redmine 3.0.4
Redmine Redmine 3.0.2
Redmine Redmine 3.0.1
NA
CVE-2013-4663
git_http_controller.rb in the redmine_git_hosting plugin for Redmine allows remote malicious users to execute arbitrary commands via shell metacharacters in (1) the service parameter to info/refs, related to the get_info_refs function or (2) the reqfile argument to the file_exist...
Redmine Redmine Git Hosting Plugin -
NA
CVE-2014-1985
Open redirect vulnerability in the redirect_back_or_default function in app/controllers/application_controller.rb in Redmine prior to 2.4.5 and 2.5.x prior to 2.5.1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in th...
Redmine Redmine 2.4.2
Redmine Redmine 2.4.1
Redmine Redmine
Redmine Redmine 2.4.3
Redmine Redmine 2.4.0
Redmine Redmine 2.5.0
NA
CVE-2011-4928
Cross-site scripting (XSS) vulnerability in the textile formatter in Redmine prior to 1.0.5 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Redmine Redmine
Redmine Redmine 0.9.3
Redmine Redmine 0.7.2
Redmine Redmine 0.9.4
Redmine Redmine 0.9.1
Redmine Redmine 0.9.2
Redmine Redmine 0.8.2
Redmine Redmine 0.9.0
Redmine Redmine 0.8.6
Redmine Redmine 1.0.2
Redmine Redmine 1.0.0
Redmine Redmine 0.4.1
Redmine Redmine 0.5.0
Redmine Redmine 0.6.4
Redmine Redmine 0.9.5
Redmine Redmine 0.3.0
Redmine Redmine 0.4.0
Redmine Redmine 0.8.1
Redmine Redmine 0.8.0
Redmine Redmine 0.2.1
Redmine Redmine 0.6.0
Redmine Redmine 0.6.1
NA
CVE-2011-4929
Unspecified vulnerability in the bazaar repository adapter in Redmine 0.9.x and 1.0.x prior to 1.0.5 allows remote malicious users to execute arbitrary commands via unknown vectors.
Redmine Redmine 0.9.4
Redmine Redmine 0.9.2
Redmine Redmine 1.0.3
Redmine Redmine 0.9.6
Redmine Redmine 0.9.0
Redmine Redmine 1.0.0
Redmine Redmine 1.0.1
Redmine Redmine 0.9.3
Redmine Redmine 0.9.1
Redmine Redmine 0.9.5
Redmine Redmine 1.0.2
Redmine Redmine 1.0.4
1 EDB exploit
NA
CVE-2011-4927
Unspecified vulnerability in the bazaar repository adapter in Redmine 1.0.x prior to 1.0.5 allows remote authenticated users to obtain sensitive information via unknown vectors.
Redmine Redmine 1.0.3
Redmine Redmine 1.0.4
Redmine Redmine 1.0.1
Redmine Redmine 1.0.0
Redmine Redmine 1.0.2
NA
CVE-2012-2054
Redmine prior to 1.3.2 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote malicious users to set attributes in the (1) Comment, (2) Document, (3) IssueCategory, (4) MembersController, (5) Message, (6) News, (7) TimeEn...
Redmine Redmine 0.6.0
Redmine Redmine 0.5.1
Redmine Redmine 0.9.3
Redmine Redmine 0.7.0
Redmine Redmine 0.7.1
Redmine Redmine 0.8.0
Redmine Redmine 1.1.1
Redmine Redmine 0.8.4
Redmine Redmine 0.3.0
Redmine Redmine 0.2.2
Redmine Redmine 0.7.3
Redmine Redmine 1.2.1
Redmine Redmine 1.1.3
Redmine Redmine 0.9.1
Redmine Redmine 0.9.2
Redmine Redmine 0.6.4
Redmine Redmine 1.0.0
Redmine Redmine 1.0.4
Redmine Redmine 1.0.1
Redmine Redmine 1.0.2
Redmine Redmine 0.1.0
Redmine Redmine 0.8.5
NA
CVE-2012-0327
Cross-site scripting (XSS) vulnerability in Redmine prior to 1.3.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Redmine Redmine 0.6.0
Redmine Redmine 0.6.1
Redmine Redmine 0.9.3
Redmine Redmine 0.6.2
Redmine Redmine 0.6.3
Redmine Redmine 0.9.4
Redmine Redmine 0.9.1
Redmine Redmine 0.7.1
Redmine Redmine 0.1.0
Redmine Redmine 0.9.0
Redmine Redmine 0.8.6
Redmine Redmine 0.7.3
Redmine Redmine 1.1.0
Redmine Redmine 1.0.5
Redmine Redmine 1.2.2
Redmine Redmine 1.2.3
Redmine Redmine 1.0.1
Redmine Redmine 1.0.2
Redmine Redmine 0.5.0
Redmine Redmine 0.5.1
Redmine Redmine 0.7.0
Redmine Redmine 0.9.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »