Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redaxo redaxo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-25298
An issue exists in REDAXO version 5.15.1, allows malicious users to execute arbitrary code and obtain sensitive information via modules.modules.php.
Redaxo Redaxo 5.15.1
NA
CVE-2024-25300
A cross-site scripting (XSS) vulnerability in Redaxo v5.15.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter in the Template section.
Redaxo Redaxo 5.15.1
NA
CVE-2024-25301
Redaxo v5.15.1 exists to contain a remote code execution (RCE) vulnerability via the component /pages/templates.php.
Redaxo Redaxo 5.15.1
356
VMScore
CVE-2021-39458
Triggering an error page of the import process in Yakamara Media Redaxo CMS version 5.12.1 allows an authenticated CMS user has to alternate the files of a vaild file backup. This leads of leaking the database credentials in the environment variables.
Redaxo Redaxo 5.12.1
1 Github repository
801
VMScore
CVE-2021-39459
Remote code execution in the modules component in Yakamara Media Redaxo CMS version 5.12.1 allows an authenticated CMS user to execute code on the hosting system via a module containing malicious PHP code.
Redaxo Redaxo 5.12.1
1 Github repository
605
VMScore
CVE-2016-10757
In Redaxo 5.2.0, the cron management of the admin panel suffers from CSRF that leads to arbitrary Remote Code Execution via addons/cronjob/lib/types/phpcode.php.
Readaxo Readaxo 5.2.0
668
VMScore
CVE-2018-18200
There is a SQL injection in Benutzerverwaltung in REDAXO prior to 5.6.4.
Redaxo Redaxo
383
VMScore
CVE-2018-18198
The $opener_input_field variable in addons/mediapool/pages/index.php in REDAXO 5.6.3 is not effectively filtered and is output directly to the page. The attacker can insert XSS payloads via an index.php?page=mediapool/media&opener_input_field=[XSS] request.
Redaxo Redaxo 5.6.3
383
VMScore
CVE-2018-18199
Mediamanager in REDAXO prior to 5.6.4 has XSS.
Redaxo Redaxo
312
VMScore
CVE-2018-17830
The $args variable in addons/mediapool/pages/index.php in REDAXO 5.6.2 is not effectively filtered, because names are not restricted (only values are restricted). The attacker can insert XSS payloads via an index.php?page=mediapool/media&opener_input_field=&args[ substrin...
Redaxo Redaxo 5.6.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »