Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redmine vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2015-8473
The Issues API in Redmine prior to 2.6.8, 3.0.x prior to 3.0.6, and 3.1.x prior to 3.1.2 allows remote authenticated users to obtain sensitive information in changeset messages by leveraging permission to read issues with related changesets from other projects.
Debian Debian Linux 8.0
Redmine Redmine 3.1.0
Redmine Redmine 3.1.1
Redmine Redmine 3.0.4
Redmine Redmine 3.0.2
Redmine Redmine 3.0.0
Redmine Redmine 3.0.1
Redmine Redmine
Redmine Redmine 3.0.5
Redmine Redmine 3.0.3
5
CVSSv2
CVE-2015-8346
app/views/timelog/_form.html.erb in Redmine prior to 2.6.8, 3.0.x prior to 3.0.6, and 3.1.x prior to 3.1.2 allows remote malicious users to obtain sensitive information about subjects of issues by viewing the time logging form.
Redmine Redmine 3.1.1
Redmine Redmine 3.1.0
Redmine Redmine 3.0.5
Redmine Redmine 3.0.2
Redmine Redmine 3.0.0
Redmine Redmine 3.0.1
Redmine Redmine
Redmine Redmine 3.0.3
Redmine Redmine 3.0.4
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2013-4663
git_http_controller.rb in the redmine_git_hosting plugin for Redmine allows remote malicious users to execute arbitrary commands via shell metacharacters in (1) the service parameter to info/refs, related to the get_info_refs function or (2) the reqfile argument to the file_exist...
Redmine Redmine Git Hosting Plugin -
5.8
CVSSv2
CVE-2014-1985
Open redirect vulnerability in the redirect_back_or_default function in app/controllers/application_controller.rb in Redmine prior to 2.4.5 and 2.5.x prior to 2.5.1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in th...
Redmine Redmine 2.4.2
Redmine Redmine 2.4.1
Redmine Redmine
Redmine Redmine 2.4.3
Redmine Redmine 2.4.0
Redmine Redmine 2.5.0
4
CVSSv2
CVE-2011-4927
Unspecified vulnerability in the bazaar repository adapter in Redmine 1.0.x prior to 1.0.5 allows remote authenticated users to obtain sensitive information via unknown vectors.
Redmine Redmine 1.0.3
Redmine Redmine 1.0.4
Redmine Redmine 1.0.1
Redmine Redmine 1.0.0
Redmine Redmine 1.0.2
4.3
CVSSv2
CVE-2011-4928
Cross-site scripting (XSS) vulnerability in the textile formatter in Redmine prior to 1.0.5 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Redmine Redmine
Redmine Redmine 0.9.3
Redmine Redmine 0.7.2
Redmine Redmine 0.9.4
Redmine Redmine 0.9.1
Redmine Redmine 0.9.2
Redmine Redmine 0.8.2
Redmine Redmine 0.9.0
Redmine Redmine 0.8.6
Redmine Redmine 1.0.2
Redmine Redmine 1.0.0
Redmine Redmine 0.4.1
Redmine Redmine 0.5.0
Redmine Redmine 0.6.4
Redmine Redmine 0.9.5
Redmine Redmine 0.3.0
Redmine Redmine 0.4.0
Redmine Redmine 0.8.1
Redmine Redmine 0.8.0
Redmine Redmine 0.2.1
Redmine Redmine 0.6.0
Redmine Redmine 0.6.1
7.5
CVSSv2
CVE-2011-4929
Unspecified vulnerability in the bazaar repository adapter in Redmine 0.9.x and 1.0.x prior to 1.0.5 allows remote malicious users to execute arbitrary commands via unknown vectors.
Redmine Redmine 0.9.4
Redmine Redmine 0.9.2
Redmine Redmine 1.0.3
Redmine Redmine 0.9.6
Redmine Redmine 0.9.0
Redmine Redmine 1.0.0
Redmine Redmine 1.0.1
Redmine Redmine 0.9.3
Redmine Redmine 0.9.1
Redmine Redmine 0.9.5
Redmine Redmine 1.0.2
Redmine Redmine 1.0.4
1 EDB exploit
4.3
CVSSv2
CVE-2012-0327
Cross-site scripting (XSS) vulnerability in Redmine prior to 1.3.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Redmine Redmine 0.6.0
Redmine Redmine 0.6.1
Redmine Redmine 0.9.3
Redmine Redmine 0.6.2
Redmine Redmine 0.6.3
Redmine Redmine 0.9.4
Redmine Redmine 0.9.1
Redmine Redmine 0.7.1
Redmine Redmine 0.1.0
Redmine Redmine 0.9.0
Redmine Redmine 0.8.6
Redmine Redmine 0.7.3
Redmine Redmine 1.1.0
Redmine Redmine 1.0.5
Redmine Redmine 1.2.2
Redmine Redmine 1.2.3
Redmine Redmine 1.0.1
Redmine Redmine 1.0.2
Redmine Redmine 0.5.0
Redmine Redmine 0.5.1
Redmine Redmine 0.7.0
Redmine Redmine 0.9.5
5
CVSSv2
CVE-2012-2054
Redmine prior to 1.3.2 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote malicious users to set attributes in the (1) Comment, (2) Document, (3) IssueCategory, (4) MembersController, (5) Message, (6) News, (7) TimeEn...
Redmine Redmine 0.6.0
Redmine Redmine 0.5.1
Redmine Redmine 0.9.3
Redmine Redmine 0.7.0
Redmine Redmine 0.7.1
Redmine Redmine 0.8.0
Redmine Redmine 1.1.1
Redmine Redmine 0.8.4
Redmine Redmine 0.3.0
Redmine Redmine 0.2.2
Redmine Redmine 0.7.3
Redmine Redmine 1.2.1
Redmine Redmine 1.1.3
Redmine Redmine 0.9.1
Redmine Redmine 0.9.2
Redmine Redmine 0.6.4
Redmine Redmine 1.0.0
Redmine Redmine 1.0.4
Redmine Redmine 1.0.1
Redmine Redmine 1.0.2
Redmine Redmine 0.1.0
Redmine Redmine 0.8.5
4.3
CVSSv2
CVE-2011-1723
Cross-site scripting (XSS) vulnerability in app/views/layouts/base.rhtml in Redmine 1.0.1 up to and including 1.1.1 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to projects/hg-helloworld/news/. NOTE: some of these details are obtained fro...
Redmine Redmine 1.1.0
Redmine Redmine 1.1.1
Redmine Redmine 1.0.1
Redmine Redmine 1.0.2
Redmine Redmine 1.0.3
Redmine Redmine 1.0.4
Redmine Redmine 1.0.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »