Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
doorgets doorgets cms 7.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-11611
doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/download.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information.
Doorgets Doorgets Cms 7.0
6.4
CVSSv2
CVE-2019-11612
doorGets 7.0 has an arbitrary file deletion vulnerability in /fileman/php/deletefile.php. A remote unauthenticated attacker can exploit this vulnerability to delete arbitrary files.
Doorgets Doorgets Cms 7.0
4
CVSSv2
CVE-2019-11613
doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/contactView.php. A remote normal registered user could exploit the vulnerability to obtain database sensitive information.
Doorgets Doorgets Cms 7.0
5
CVSSv2
CVE-2019-11614
doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/commentView.php. A remote unauthorized attacker could exploit the vulnerability to obtain database sensitive information.
Doorgets Doorgets Cms 7.0
6.5
CVSSv2
CVE-2019-11615
/fileman/php/upload.php in doorGets 7.0 has an arbitrary file upload vulnerability. A remote normal registered user can use this vulnerability to upload backdoor files to control the server.
Doorgets Doorgets Cms 7.0
7.5
CVSSv2
CVE-2019-11618
doorGets 7.0 has a default administrator credential vulnerability. A remote attacker can use this vulnerability to gain administrator privileges for the creation and modification of articles via an H0XZlT44FcN1j9LTdFc5XRXhlF30UaGe1g3cZY6i1K9 access_token in a uri=blog&action=...
Doorgets Doorgets Cms 7.0
4
CVSSv2
CVE-2019-11620
doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/modulecategoryRequest.php. A remote background administrator privilege user (or a user with permission to manage modulecategory) could exploit the vulnerability to obtain database sensitive information ...
Doorgets Doorgets Cms 7.0
4
CVSSv2
CVE-2019-11621
doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=network. A remote background administrator privilege user (or a user with permission to manage network configuration) could exploit the vulnerability to obtain datab...
Doorgets Doorgets Cms 7.0
5.5
CVSSv2
CVE-2019-11624
doorGets 7.0 has an arbitrary file deletion vulnerability in /doorgets/app/requests/user/configurationRequest.php. A remote background administrator privilege user can exploit this vulnerability to delete arbitrary files.
Doorgets Doorgets Cms 7.0
5
CVSSv2
CVE-2019-11626
routers/ajaxRouter.php in doorGets 7.0 has a web site physical path leakage vulnerability, as demonstrated by an ajax/index.php?uri=1234%5c request.
Doorgets Doorgets Cms 7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »