Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
croogo croogo vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2014-8577
Multiple cross-site scripting (XSS) vulnerabilities in Croogo prior to 2.1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) data[Contact][title] parameter to admin/contacts/contacts/add page; (2) data[Block][title] or (3) data[Block][alias] parame...
Croogo Croogo
1 EDB exploit
312
VMScore
CVE-2019-7169
A stored-self XSS exists in Croogo through v3.0.5, allowing an malicious user to execute HTML or JavaScript code in a vulnerable Title field to /admin/menus/menus/edit/3.
Croogo Croogo
312
VMScore
CVE-2019-7173
A stored-self XSS exists in Croogo through v3.0.5, allowing an malicious user to execute HTML or JavaScript code in a vulnerable Title field to /admin/file-manager/attachments/edit/4.
Croogo Croogo
312
VMScore
CVE-2019-7170
A stored-self XSS exists in Croogo through v3.0.5, allowing an malicious user to execute HTML or JavaScript code in a vulnerable Title field to /admin/taxonomy/vocabularies.
Croogo Croogo
312
VMScore
CVE-2019-7168
A stored-self XSS exists in Croogo through v3.0.5, allowing an malicious user to execute HTML or JavaScript code in a vulnerable Blog field to /admin/nodes/nodes/add/blog.
Croogo Croogo
312
VMScore
CVE-2019-7171
A stored-self XSS exists in Croogo through v3.0.5, allowing an malicious user to execute HTML or JavaScript code in a vulnerable Title field to /admin/blocks/blocks/edit/8.
Croogo Croogo
312
VMScore
CVE-2019-20789
Croogo prior to 3.0.7 allows XSS via the title to admin/menus/menus or admin/taxonomy/vocabularies.
Croogo Croogo
383
VMScore
CVE-2015-1053
Cross-site scripting (XSS) vulnerability in the administrative backend in Croogo prior to 2.2.1 allows remote malicious users to inject arbitrary web script or HTML via the path parameter to admin/file_manager/file_manager/editfile.
Croogo Croogo
578
VMScore
CVE-2021-44673
A Remote Code Execution (RCE) vulnerability exists in Croogo 3.0.2via admin/file-manager/attachments, which lets a malicoius user upload a web shell script.
Croogo Croogo 3.0.2
312
VMScore
CVE-2017-1000510
Croogo version 2.3.1-17-g6f82e6c contains a Cross Site Scripting (XSS) vulnerability in Page name that can result in execution of javascript code.
Croogo Croogo 2.3.1-17-g6f82e6c
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started