Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
codoforum vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-25876
A stored cross site scripting (XSS) vulnerability in the 'Pages' feature of Codoforum v5.0.2 allows authenticated malicious users to execute arbitrary web scripts or HTML via crafted payload entered into the 'Page Title' parameter.
Codologic Codoforum 5.0.2
5.4
CVSSv3
CVE-2020-25879
A stored cross site scripting (XSS) vulnerability in the 'Manage Users' feature of Codoforum v5.0.2 allows authenticated malicious users to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Username' parameter.
Codologic Codoforum 5.0.2
6.1
CVSSv3
CVE-2020-5842
Codoforum 4.8.3 allows XSS in the user registration page: via the username field to the index.php?u=/user/register URI. The payload is, for example, executed on the admin/index.php?page=users/manage page.
Codologic Codoforum 4.8.3
1 Github repository
4.8
CVSSv3
CVE-2020-5843
Codoforum 4.8.3 allows XSS in the admin dashboard via a category to the Manage Users screen.
Codologic Codoforum 4.8.3
NA
CVE-2014-92611
Codoforum version 2.5.1 suffers from an arbitrary file download vulnerability.
NA
CVE-2020-22539
An arbitrary file upload vulnerability in the Add Category function of Codoforum v4.9 allows malicious users to execute arbitrary code via uploading a crafted file.
NA
CVE-2020-22540
Stored Cross-Site Scripting (XSS) vulnerability in Codoforum v4.9, allows malicious users to execute arbitrary code and obtain sensitive information via crafted payload to Category name component.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2