Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
getkirby kirby 2.5.12 vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2018-16627
panel/login in Kirby v2.5.12 allows Host header injection via the "forget password" feature.
Getkirby Kirby 2.5.12
3.5
CVSSv2
CVE-2018-16623
Kirby V2.5.12 is prone to a Persistent XSS attack via the Title of the "Site options" in the admin panel dashboard dropdown.
Getkirby Kirby 2.5.12
3.5
CVSSv2
CVE-2018-16624
panel/pages/home/edit in Kirby v2.5.12 allows XSS via the title of a new page.
Getkirby Kirby 2.5.12
3.5
CVSSv2
CVE-2018-16630
Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file.
Getkirby Kirby 2.5.12
3.5
CVSSv2
CVE-2018-16628
panel/login in Kirby v2.5.12 allows XSS via a blog name.
Getkirby Kirby 2.5.12
NA
CVE-2018-14520
An issue exists in Kirby 2.5.12. The application allows malicious HTTP requests to be sent in order to trick a user into adding web pages.
Getkirby Kirby 2.5.12
NA
CVE-2018-14519
An issue exists in Kirby 2.5.12. The delete page functionality suffers from a CSRF flaw. A remote attacker can craft a malicious CSRF page and force the user to delete a page.
Getkirby Kirby 2.5.12
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started