Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rukovoditel vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-48175
Rukovoditel v3.2.1 exists to contain a remote code execution (RCE) vulnerability in the component /rukovoditel/index.php?module=dashboard/ajax_request.
Rukovoditel Rukovoditel 3.2.1
1 Github repository
9.8
CVSSv3
CVE-2022-44945
Rukovoditel v3.2.1 exists to contain a SQL injection vulnerability via the heading_field_id parameter.
Rukovoditel Rukovoditel 3.2.1
9.8
CVSSv3
CVE-2022-43168
Rukovoditel v3.2.1 exists to contain a SQL injection vulnerability via the reports_id parameter.
Rukovoditel Rukovoditel 3.2.1
9.8
CVSSv3
CVE-2020-11817
In Rukovoditel V2.5.2, attackers can upload an arbitrary file to the server just changing the the content-type value. As a result of that, an attacker can execute a command on the server. This specific attack only occurs with the Maintenance Mode setting.
Rukovoditel Rukovoditel 2.5.2
9.8
CVSSv3
CVE-2020-11815
In Rukovoditel 2.5.2, attackers can upload arbitrary file to the server by just changing the content-type value. As a result of that, an attacker can execute a command on the server. This specific attack only occurs without the Maintenance Mode setting.
Rukovoditel Rukovoditel 2.5.2
9.8
CVSSv3
CVE-2020-11816
Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the reports_id (POST) parameter.
Rukovoditel Rukovoditel 2.5.2
9.8
CVSSv3
CVE-2020-11819
In Rukovoditel 2.5.2, an attacker may inject an arbitrary .php file location instead of a language file and thus achieve command execution.
Rukovoditel Rukovoditel 2.5.2
1 Github repository
9.8
CVSSv3
CVE-2020-11820
Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the entities_id parameter.
Rukovoditel Rukovoditel 2.5.2
9.8
CVSSv3
CVE-2020-11812
Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the filters[0][value] or filters[1][value] parameter.
Rukovoditel Rukovoditel 2.5.2
8.8
CVSSv3
CVE-2022-45020
Rukovoditel v3.2.1 exists to contain a DOM-based cross-site scripting (XSS) vulnerability in the component /rukovoditel/index.php?module=users/login. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted GET request.
Rukovoditel Rukovoditel 3.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »