Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ametys ametys vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-16935
Ametys prior to 4.0.3 requires authentication only for URIs containing a /cms/ substring, which allows remote malicious users to bypass intended access restrictions via a direct request to /plugins/core-ui/servercomm/messages.xml, as demonstrated by changing the admin password by...
Ametys Ametys
1 EDB exploit
5
CVSSv2
CVE-2022-26159
The auto-completion plugin in Ametys CMS prior to 4.5.0 allows a remote unauthenticated malicious user to read documents such as plugins/web/service/search/auto-completion/<domain>/en.xml (and similar pathnames for other languages), which contain all characters typed by all...
Ametys Ametys
1 Github repository
NA
CVE-2024-30614
An issue in Ametys CMS v4.5.0 and before allows malicious users to obtain sensitive information via exposed resources to the error scope.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started