Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kindeditor vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-28717
Cross Site Scripting (XSS) vulnerability in content1 parameter in demo.jsp in kindsoft kindeditor version 4.1.12, allows malicious users to execute arbitrary code.
Kindsoft Kindeditor 4.1.12
6.1
CVSSv3
CVE-2021-42227
Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor (the file suffix is allowed).
Kindsoft Kindeditor
8.8
CVSSv3
CVE-2021-42228
A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html.
Kindsoft Kindeditor
6.1
CVSSv3
CVE-2021-37267
Cross Site Scripting (XSS) vulnerability exists in all versions of KindEditor, which can be exploited by an malicious user to obtain user cookie information.
Kindsoft Kindeditor -
6.1
CVSSv3
CVE-2021-30086
Cross Site Scripting (XSS) vulnerability exists in KindEditor (Chinese versions) 4.1.12, which can be exploited by an malicious user to obtain user cookie information.
Kindsoft Kindeditor 4.1.12
6.1
CVSSv3
CVE-2020-23371
Cross-site scripting (XSS) vulnerability in static/admin/js/kindeditor/plugins/multiimage/images/swfupload.swf in noneCms v1.3.0 allows remote malicious users to inject arbitrary web script or HTML via the movieName parameter.
5none Nonecms 1.3.0
6.1
CVSSv3
CVE-2019-7543
In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting (XSS) vulnerability.
Kindsoft Kindeditor 4.1.11
7.5
CVSSv3
CVE-2018-18950
KindEditor up to and including 4.1.11 has a path traversal vulnerability in php/upload_json.php. Anyone can browse a file or directory in the kindeditor/attached/ folder via the path parameter without authentication.
Kindeditor Kindeditor
4.3
CVSSv3
CVE-2017-1002024
Vulnerability in web application Kind Editor v4.1.12, kindeditor/php/upload_json.php does not check authentication before allow users to upload files.
Kindsoft Kind Editor 4.1.11
Kindsoft Kind Editor 4.1.9
Kindsoft Kind Editor 4.1.2
Kindsoft Kindeditor 4.1.12
Kindsoft Kind Editor 4.0.5
Kindsoft Kind Editor 4.0.4
Kindsoft Kind Editor 4.0.3
Kindsoft Kind Editor 4.0.2
Kindsoft Kind Editor 4.1.10
Kindsoft Kind Editor 4.1.8
Kindsoft Kind Editor 4.1.3
Kindsoft Kind Editor 4.1.1
Kindsoft Kind Editor 4.0.6
Kindsoft Kind Editor 4.0.1
Kindsoft Kind Editor
Kindsoft Kind Editor 4.1.7
Kindsoft Kind Editor 4.1.6
Kindsoft Kind Editor 4.1.5
Kindsoft Kind Editor 4.1.4
Kindsoft Kind Editor 4.1
Kindsoft Kind Editor 4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started