Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bootstrap vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2022-1726
Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table before 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties.
Bootstrap-table Bootstrap Table
4.3
CVSSv2
CVE-2021-23472
This affects versions prior to 1.19.1 of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array (instead of a string) even if the escape attribute is set.
Bootstrap-table Bootstrap Table
4.3
CVSSv2
CVE-2018-14041
In Bootstrap prior to 4.1.2, XSS is possible in the data-target property of scrollspy.
Getbootstrap Bootstrap
Getbootstrap Bootstrap 4.0.0
4 Github repositories
NA
CVE-2022-4777
The Bootstrap Shortcodes WordPress plugin up to and including 3.4.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...
Bootstrap Shortcodes Project Bootstrap Shortcodes
NA
CVE-2023-23010
Cross Site Scripting (XSS) vulnerability in Ecommerce-CodeIgniter-Bootstrap thru commit d5904379ca55014c5df34c67deda982c73dc7fe5 (on Dec 27, 2022), allows malicious users to execute arbitrary code via the languages and trans_load parameters in file add_product.php.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
4.3
CVSSv2
CVE-2021-40975
Cross-site scripting (XSS) vulnerability in application/modules/admin/views/ecommerce/products.php in Ecommerce-CodeIgniter-Bootstrap (Codeigniter 3.1.11, Bootstrap 3.3.7) allows remote malicious users to inject arbitrary web script or HTML via the search_title parameter.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap -
NA
CVE-2022-35213
Ecommerce-CodeIgniter-Bootstrap before commit 56465f exists to contain a cross-site scripting (XSS) vulnerability via the function base_url() at /blog/blogpublish.php.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
2 Github repositories
4.3
CVSSv2
CVE-2020-25086
Ecommerce-CodeIgniter-Bootstrap prior to 2020-08-03 allows XSS in application/modules/admin/views/advanced_settings/adminUsers.php.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
4.3
CVSSv2
CVE-2020-25087
Ecommerce-CodeIgniter-Bootstrap prior to 2020-08-03 allows XSS in application/modules/admin/views/advanced_settings/languages.php.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
4.3
CVSSv2
CVE-2020-25088
Ecommerce-CodeIgniter-Bootstrap prior to 2020-08-03 allows XSS in application/modules/admin/views/blog/blogpublish.php.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »