Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
evolution vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-16638
Evolution CMS 1.4.x allows XSS via the manager/ search parameter.
Modx Evolution Cms
NA
CVE-2005-0806
Evolution 2.0.3 allows remote malicious users to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames.
Ximian Evolution 2.0.3
5.2
CVSSv3
CVE-2023-43340
Cross-site scripting (XSS) vulnerability in evolution v.3.2.3 allows a local malicious user to execute arbitrary code via a crafted payload injected into the cmsadmin, cmsadminemail, cmspassword and cmspasswordconfim parameters
Evo Evolution Cms 3.2.3
6.1
CVSSv3
CVE-2023-43341
Cross-site scripting (XSS) vulnerability in evolution evo v.3.2.3 allows a local malicious user to execute arbitrary code via a crafted payload injected uid parameter.
Evo Evolution Cms 3.2.3
5.4
CVSSv3
CVE-2019-14518
Evolution CMS 2.0.x allows XSS via a description and new category location in a template. NOTE: the vendor states that the behavior is consistent with the "access policy in the administration panel.
Modx Evolution Cms 2.0.0
5.4
CVSSv3
CVE-2020-23238
Cross Site Scripting (XSS) vulnerability in Evolution CMS 2.0.2 via the Document Manager feature.
Evo Evolution Cms 2.0.2
7.3
CVSSv3
CVE-2011-3355
evolution-data-server3 3.0.3 up to and including 3.2.1 used insecure (non-SSL) connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. An attacker could use this flaw to obtain login credentials of the v...
Gnome Evolution-data-server3
NA
CVE-2007-1002
Format string vulnerability in the write_html function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote malicious users to execute arbitrary code via format specifiers in the categories of ...
Evolution Shared Memo 2.8.2.1
NA
CVE-2006-4678
PHP remote file inclusion vulnerability in News Evolution 3.0.3 allows remote malicious users to execute arbitrary PHP code via the _NE[AbsPath] parameter in (1) install.php and (2) migrateNE2toNE3.php.
Comscripts News Evolution 3.0.3
1 EDB exploit
7.8
CVSSv3
CVE-2009-3721
Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially ...
Gnome Evolution
Ytnef Project Ytnef
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »