Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
naviwebs vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2020-23243
Cross Site Scripting (XSS) vulnerability in NavigateCMS NavigateCMS 2.9 via the name="wrong_path_redirect" feature.
Naviwebs Navigatecms 2.9
6.1
CVSSv3
CVE-2020-13798
An issue exists in Navigate CMS up to and including 2.8.7. It allows XSS because of a lack of purify calls in lib/packages/feeds/feed.class.php.
Naviwebs Navigate Cms
5.3
CVSSv3
CVE-2020-13795
An issue exists in Navigate CMS up to and including 2.8.7. It allows Directory Traversal because lib/packages/templates/template.class.php mishandles ../ and ..\ substrings.
Naviwebs Navigate Cms
9.8
CVSSv3
CVE-2020-14067
The install_from_hash functionality in Navigate CMS 2.9 does not consider the .phtml extension when examining files within a ZIP archive that may contain PHP code, in check_upload in lib/packages/extensions/extension.class.php and lib/packages/themes/theme.class.php.
Naviwebs Navigatecms 2.9
5.4
CVSSv3
CVE-2020-23656
NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "Content."
Naviwebs Navigatecms 2.9
6.1
CVSSv3
CVE-2020-13796
An issue exists in Navigate CMS up to and including 2.8.7. It allows XSS because of a lack of purify calls in lib/packages/structure/structure.class.php.
Naviwebs Navigate Cms
5.4
CVSSv3
CVE-2018-18029
Navigate CMS has Stored XSS via the navigate.php Title field in an edit action.
Naviwebs Navigate Cms -
6.1
CVSSv3
CVE-2020-13797
An issue exists in Navigate CMS up to and including 2.8.7. It allows XSS because of a lack of purify calls in lib/packages/websites/website.class.php.
Naviwebs Navigate Cms
9.8
CVSSv3
CVE-2020-23711
SQL Injection vulnerability in NavigateCMS 2.9 via the URL encoded GET input category in navigate.php.
Naviwebs Navigate Cms 2.9
5.4
CVSSv3
CVE-2021-36454
Cross Site Scripting (XSS) vulnerability in Naviwebs Navigate Cms 2.9 via the navigate-quickse parameter to 1) backups\backups.php, 2) blocks\blocks.php, 3) brands\brands.php, 4) comments\comments.php, 5) coupons\coupons.php, 6) feeds\feeds.php, 7) functions\functions.php, 8) ite...
Naviwebs Navigate Cms 2.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »