Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
froxlor froxlor vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-4304
Business Logic Errors in GitHub repository froxlor/froxlor before 2.0.22,2.1.0.
Froxlor Froxlor
NA
CVE-2022-4864
Argument Injection in GitHub repository froxlor/froxlor before 2.0.0-beta1.
Froxlor Froxlor
NA
CVE-2022-4867
Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor before 2.0.0-beta1.
Froxlor Froxlor
NA
CVE-2022-4868
Improper Authorization in GitHub repository froxlor/froxlor before 2.0.0-beta1.
Froxlor Froxlor
445
VMScore
CVE-2016-5100
Froxlor prior to 0.9.35 uses the PHP rand function for random number generation, which makes it easier for remote malicious users to guess the password reset token by predicting a value.
Froxlor Froxlor
445
VMScore
CVE-2018-12642
Froxlor up to and including 0.9.39.5 has Incorrect Access Control for tickets not owned by the current user.
Froxlor Froxlor
NA
CVE-2022-3017
Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor before 0.10.38.
Froxlor Froxlor
578
VMScore
CVE-2020-10235
An issue exists in Froxlor prior to 0.10.14. Remote attackers with access to the installation routine could have executed arbitrary code via the database configuration options that were passed unescaped to exec, because of _backupExistingDatabase in install/lib/class.FroxlorInsta...
Froxlor Froxlor
320
VMScore
CVE-2020-10236
An issue exists in Froxlor prior to 0.10.14. It created files with static names in /tmp during installation if the installation directory was not writable. This allowed local malicious users to cause DoS or disclose information out of the config files, because of _createUserdataC...
Froxlor Froxlor
187
VMScore
CVE-2020-10237
An issue exists in Froxlor up to and including 0.10.15. The installer wrote configuration parameters including passwords into files in /tmp, setting proper permissions only after writing the sensitive data. A local attacker could have disclosed the information if he read the file...
Froxlor Froxlor
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »