Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
getgophish gophish vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-25295
This affects the package github.com/gophish/gophish prior to 0.12.0. The Open Redirect vulnerability exists in the next query parameter. The application uses url.Parse(r.FormValue("next")) to extract path and eventually redirect user to a relative URL, but if next param...
Getgophish Gophish
NA
CVE-2022-45003
Gophish up to and including 0.12.1 allows malicious users to cause a Denial of Service (DoS) via a crafted payload involving autofocus.
Getgophish Gophish
NA
CVE-2022-45004
Gophish up to and including 0.12.1 exists to contain a cross-site scripting (XSS) vulnerability via a crafted landing page.
Getgophish Gophish
828
VMScore
CVE-2020-24707
Gophish prior to 0.11.0 allows the creation of CSV sheets that contain malicious content.
Getgophish Gophish
312
VMScore
CVE-2020-24708
Cross Site Scripting (XSS) vulnerability in Gophish prior to 0.11.0 via the Host field on the send profile form.
Getgophish Gophish
312
VMScore
CVE-2020-24709
Cross Site Scripting (XSS) vulnerability in Gophish up to and including 0.10.1 via a crafted landing page or email template.
Getgophish Gophish
445
VMScore
CVE-2020-24710
Gophish prior to 0.11.0 allows SSRF attacks.
Getgophish Gophish
383
VMScore
CVE-2020-24711
The Reset button on the Account Settings page in Gophish prior to 0.11.0 allows malicious users to cause a denial of service via a clickjacking attack
Getgophish Gophish
312
VMScore
CVE-2020-24712
Cross Site Scripting (XSS) vulnerability in Gophish prior to 0.11.0 via the IMAP Host field on the account settings page.
Getgophish Gophish
445
VMScore
CVE-2020-24713
Gophish up to and including 0.10.1 does not invalidate the gophish cookie upon logout.
Getgophish Gophish
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »