Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bookstackapp vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-4194
bookstack is vulnerable to Improper Access Control
Bookstackapp Bookstack
7.5
CVSSv2
CVE-2021-4119
bookstack is vulnerable to Improper Access Control
Bookstackapp Bookstack
4
CVSSv2
CVE-2021-3906
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type
Bookstackapp Bookstack
3.5
CVSSv2
CVE-2021-3915
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type
Bookstackapp Bookstack
3.5
CVSSv2
CVE-2020-11055
In BookStack greater than or equal to 0.18.0 and less than 0.29.2, there is an XSS vulnerability in comment creation. A user with permission to create comments could POST HTML directly to the system to be saved in a comment, which would then be executed/displayed to others users ...
Bookstackapp Bookstack
9
CVSSv2
CVE-2020-5256
BookStack before version 0.25.5 has a vulnerability where a user could upload PHP files through image upload functions, which would allow them to execute code on the host system remotely. They would then have the permissions of the PHP process. This most impacts scenarios where n...
Bookstackapp Bookstack
4
CVSSv2
CVE-2021-3758
bookstack is vulnerable to Server-Side Request Forgery (SSRF)
Bookstackapp Bookstack
3.5
CVSSv2
CVE-2021-3767
bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Bookstackapp Bookstack
3.5
CVSSv2
CVE-2021-3768
bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Bookstackapp Bookstack
3.5
CVSSv2
CVE-2020-26210
In BookStack before version 0.30.4, a user with permissions to edit a page could add an attached link which would execute untrusted JavaScript code when clicked by a viewer of the page. Dangerous content may remain in the database after this update. If you think this could have b...
Bookstackapp Bookstack
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »