Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
orchardcore orchardcore vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-0820
Cross-site Scripting (XSS) - Stored in GitHub repository orchardcms/orchardcore before 1.3.0.
Orchardcore Orchardcore
6.5
CVSSv3
CVE-2022-0821
Improper Authorization in GitHub repository orchardcms/orchardcore before 1.3.0.
Orchardcore Orchardcore
5.4
CVSSv3
CVE-2022-0822
Cross-site Scripting (XSS) - Reflected in GitHub repository orchardcms/orchardcore before 1.3.0.
Orchardcore Orchardcore
5.4
CVSSv3
CVE-2022-32173
In OrchardCore rc1-11259 to v1.2.2 vulnerable to HTML injection, allow an authenticated user with an editor security role to inject a persistent HTML modal dialog component into the dashboard that will affect admin users.
Orchardcore Orchardcore
5.4
CVSSv3
CVE-2022-0159
orchardcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Orchardcore Orchardcore
5.4
CVSSv3
CVE-2022-0243
Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.Cms.Targets before 1.2.2.
Orchardcore Orchardcore
5.4
CVSSv3
CVE-2022-0274
Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.Cms.Targets before 1.2.2.
Orchardcore Orchardcore
8.8
CVSSv3
CVE-2021-25966
In “Orchard core CMS” application, versions 1.0.0-beta1-3383 to 1.0.0 are vulnerable to an improper session termination after password change. When a password has been changed by the user or by an administrator, a user that was already logged in, will still have acces...
Orchardcore Orchard Core 1.0.0
9
CVSSv3
CVE-2022-37720
Orchardproject Orchard CMS 1.10.3 is vulnerable to Cross Site Scripting (XSS). When a low privileged user such as an author or publisher, injects a crafted html and javascript payload in a blog post, leading to full admin account takeover or privilege escalation when the maliciou...
Orchardcore Orchard Cms 1.10.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started