Vulmon
oneclickorgs one click orgs 1.1.1 vulnerabilities and exploits
CVE-2011-4552 (CVSSv2 score: 4.3)
Multiple cross-site scripting (XSS) vulnerabilities in One Click Orgs prior to 1.2.3 allow remote malicious users to inject arbitrary web script or HTML via the description field of (1) a new vote or (2) the eject member proposal feature.
Oneclickorgs One Click Orgs
Oneclickorgs One Click Orgs 1.2.1
Oneclickorgs One Click Orgs 1.2.0
Oneclickorgs One Click Orgs 1.1.1
Oneclickorgs One Click Orgs 1.0.1
Oneclickorgs One Click Orgs 1.1.0
Oneclickorgs One Click Orgs 1.0.0
CVE-2011-4553 (CVSSv2 score: 5.8)
Multiple open redirect vulnerabilities in One Click Orgs prior to 1.2.3 allow (1) remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via the return_to parameter, and allow (2) remote authenticated users to redirect users to arbitrary web ...
Oneclickorgs One Click Orgs 1.0.1
Oneclickorgs One Click Orgs
Oneclickorgs One Click Orgs 1.2.1
Oneclickorgs One Click Orgs 1.2.0
Oneclickorgs One Click Orgs 1.1.1
Oneclickorgs One Click Orgs 1.1.0
Oneclickorgs One Click Orgs 1.0.0
CVE-2011-4554 (CVSSv2 score: 5.5)
One Click Orgs prior to 1.2.3 allows remote authenticated users to trigger crafted SMTP traffic via (1) " (double quote) and newline characters in an org name or (2) " (double quote) characters in an e-mail address, related to a "2nd Order SMTP Injection" issu...
Oneclickorgs One Click Orgs 1.1.0
Oneclickorgs One Click Orgs 1.0.0
Oneclickorgs One Click Orgs
Oneclickorgs One Click Orgs 1.2.1
Oneclickorgs One Click Orgs 1.2.0
Oneclickorgs One Click Orgs 1.1.1
Oneclickorgs One Click Orgs 1.0.1
CVE-2011-4555 (CVSSv2 score: 4)
One Click Orgs prior to 1.2.3 does not require unique e-mail addresses for user accounts, which allows remote authenticated users to cause a denial of service (login disruption) or spoof votes or comments by selecting a conflicting e-mail address.
Oneclickorgs One Click Orgs 1.1.1
Oneclickorgs One Click Orgs 1.0.1
Oneclickorgs One Click Orgs
Oneclickorgs One Click Orgs 1.2.1
Oneclickorgs One Click Orgs 1.2.0
Oneclickorgs One Click Orgs 1.1.0
Oneclickorgs One Click Orgs 1.0.0
CVE-2011-4677 (CVSSv2 score: 7.5)
One Click Orgs prior to 1.2.3 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote malicious users to obtain access by leveraging an unattended workstation.
Oneclickorgs One Click Orgs 1.1.0
Oneclickorgs One Click Orgs 1.0.0
Oneclickorgs One Click Orgs
Oneclickorgs One Click Orgs 1.2.1
Oneclickorgs One Click Orgs 1.2.0
Oneclickorgs One Click Orgs 1.1.1
Oneclickorgs One Click Orgs 1.0.1
CVE-2011-4678 (CVSSv2 score: 5)
The password reset feature in One Click Orgs prior to 1.2.3 generates different error messages for failed reset attempts depending on whether the e-mail address is registered, which allows remote malicious users to enumerate user accounts via a series of requests.
Oneclickorgs One Click Orgs 1.1.1
Oneclickorgs One Click Orgs 1.0.1
Oneclickorgs One Click Orgs 1.0.0
Oneclickorgs One Click Orgs
Oneclickorgs One Click Orgs 1.2.1
Oneclickorgs One Click Orgs 1.2.0
Oneclickorgs One Click Orgs 1.1.0