eventum_project eventum の CVE(12 件)

CVE 件数: 12 CPE versions: View versions table

概要

本ページは eventum_project eventum に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。

表示中 112 / 12 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2018-11569 Controller/ListController.php in Eventum 3.5.0 is vulnerable to Deserialization of Untrusted Data. Fixed in version 3.5.2. [email protected] 9.8 1.74% 2019-09-05 2026-06-16
CVE-2018-12628 An issue was discovered in Eventum 3.5.0. CSRF in htdocs/manage/users.php allows creating another user with admin privileges. [email protected] 8.8 0.66% 2019-07-10 2026-06-16
CVE-2018-12627 An issue was discovered in Eventum 3.5.0. /htdocs/list.php has XSS via the show_notification_list_issues or show_authorized_issues parameter. [email protected] 6.1 0.91% 2019-07-10 2026-06-16
CVE-2018-12626 An issue was discovered in Eventum 3.5.0. /htdocs/popup.php has XSS via the cat parameter. [email protected] 6.1 0.91% 2019-07-10 2026-06-16
CVE-2018-12625 An issue was discovered in Eventum 3.5.0. /htdocs/validate.php has XSS via the values parameter. [email protected] 6.1 0.91% 2019-07-10 2026-06-16
CVE-2018-12623 An issue was discovered in Eventum 3.5.0. htdocs/switch.php has XSS via the current_page parameter. [email protected] 6.1 0.91% 2019-07-10 2026-06-16
CVE-2018-12622 An issue was discovered in Eventum 3.5.0. htdocs/ajax/update.php has XSS via the field_name parameter. [email protected] 6.1 0.91% 2019-07-10 2026-06-16
CVE-2018-12621 An issue was discovered in Eventum 3.5.0. /htdocs/switch.php has an Open Redirect via the current_page parameter. [email protected] 6.1 0.91% 2019-07-05 2026-06-16
CVE-2018-12624 An issue was discovered in Eventum 3.5.0. /htdocs/post_note.php has XSS via the garlic_prefix parameter. [email protected] 6.1 0.91% 2019-05-24 2026-06-16
CVE-2018-16761 Eventum before 3.4.0 has an open redirect vulnerability. [email protected] 6.1 2.20% 2018-09-09 2026-06-16
CVE-2014-1632 htdocs/setup/index.php in Eventum before 2.3.5 allows remote attackers to inject and execute arbitrary PHP code via the hostname parameter. [email protected] 8.1 10.49% 2018-01-31 2026-06-16
CVE-2014-1631 Eventum before 2.3.5 allows remote attackers to reinstall the application via direct request to /setup/index.php. [email protected] 7.5 9.30% 2018-01-31 2026-06-16
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence