Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gophish vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2019-16146
Gophish up to and including 0.8.0 allows XSS via a username.
Getgophish Gophish
7.8
CVSSv3
CVE-2020-24707
Gophish prior to 0.11.0 allows the creation of CSV sheets that contain malicious content.
Getgophish Gophish
5.4
CVSSv3
CVE-2020-24708
Cross Site Scripting (XSS) vulnerability in Gophish prior to 0.11.0 via the Host field on the send profile form.
Getgophish Gophish
5.4
CVSSv3
CVE-2020-24709
Cross Site Scripting (XSS) vulnerability in Gophish up to and including 0.10.1 via a crafted landing page or email template.
Getgophish Gophish
5.3
CVSSv3
CVE-2020-24710
Gophish prior to 0.11.0 allows SSRF attacks.
Getgophish Gophish
6.5
CVSSv3
CVE-2020-24711
The Reset button on the Account Settings page in Gophish prior to 0.11.0 allows malicious users to cause a denial of service via a clickjacking attack
Getgophish Gophish
7.5
CVSSv3
CVE-2020-24713
Gophish up to and including 0.10.1 does not invalidate the gophish cookie upon logout.
Getgophish Gophish
7.5
CVSSv3
CVE-2022-45003
Gophish up to and including 0.12.1 allows malicious users to cause a Denial of Service (DoS) via a crafted payload involving autofocus.
Getgophish Gophish
6.1
CVSSv3
CVE-2022-45004
Gophish up to and including 0.12.1 exists to contain a cross-site scripting (XSS) vulnerability via a crafted landing page.
Getgophish Gophish
5.4
CVSSv3
CVE-2020-24712
Cross Site Scripting (XSS) vulnerability in Gophish prior to 0.11.0 via the IMAP Host field on the account settings page.
Getgophish Gophish
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »