Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
navigatecms vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-23657
NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "Configuration."
Naviwebs Navigatecms 2.9
9.8
CVSSv3
CVE-2020-14067
The install_from_hash functionality in Navigate CMS 2.9 does not consider the .phtml extension when examining files within a ZIP archive that may contain PHP code, in check_upload in lib/packages/extensions/extension.class.php and lib/packages/themes/theme.class.php.
Naviwebs Navigatecms 2.9
7.5
CVSSv3
CVE-2021-44351
An arbitrary file read vulnerability exists in NavigateCMS 2.9 via /navigate/navigate_download.php id parameter.
Naviwebs Navigate Cms 2.9
9.8
CVSSv3
CVE-2020-23711
SQL Injection vulnerability in NavigateCMS 2.9 via the URL encoded GET input category in navigate.php.
Naviwebs Navigate Cms 2.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2