Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
caldera vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2018-7747
Multiple cross-site scripting (XSS) vulnerabilities in the Caldera Forms plugin prior to 1.6.0-rc.1 for WordPress allow remote malicious users to inject arbitrary web script or HTML via vectors involving (1) a greeting message, (2) the email transaction log, or (3) an imported fo...
Calderalabs Caldera Forms
1 EDB exploit
1 Github repository
6.5
CVSSv2
CVE-2021-42560
An issue exists in CALDERA 2.9.0. The Debrief plugin receives base64 encoded "SVG" parameters when generating a PDF document. These SVG documents are parsed in an unsafe manner and can be leveraged for XXE attacks (e.g., File Exfiltration, Server Side Request Forgery, O...
Mitre Caldera 2.9.0
5
CVSSv2
CVE-2000-0369
The IDENT server in Caldera Linux 2.3 creates multiple threads for each IDENT request, which allows remote malicious users to cause a denial of service.
Caldera Openlinux 2.3
10
CVSSv2
CVE-2001-0850
A configuration error in the libdb1 package in OpenLinux 3.1 uses insecure versions of the snprintf and vsnprintf functions, which could allow local or remote users to exploit those functions with a buffer overflow.
Caldera Openlinux 3.1
4.3
CVSSv2
CVE-2022-0879
The Caldera Forms WordPress plugin prior to 1.9.7 does not validate and escape the cf-api parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting
Calderaforms Caldera Forms
5
CVSSv2
CVE-2000-0192
The default installation of Caldera OpenLinux 2.3 includes the CGI program rpm_query, which allows remote malicious users to determine what packages are installed on the system.
Caldera Openlinux 2.3
1 EDB exploit
3.5
CVSSv2
CVE-2020-14462
CALDERA 2.7.0 allows XSS via the Operation Name box.
Mitre Caldera 2.7.0
7.2
CVSSv2
CVE-2001-1153
lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument.
Caldera Openunix 8.0
7.2
CVSSv2
CVE-2001-1164
Buffer overflow in uucp utilities in UnixWare 7 allows local users to execute arbitrary code via long command line arguments to (1) uucp, (2) uux, (3) bnuconvert, (4) uucico, (5) uuxcmd, or (6) uuxqt.
Caldera Unixware 7.0
4.6
CVSSv2
CVE-2001-1576
Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument.
Caldera Unixware 7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »