Show filters
24 Total Results
Displaying 21-24 of 24
Sort by:
Attacker Value
Unknown

CVE-2018-16630

Disclosure Date: December 28, 2018 (last updated November 27, 2024)
Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file.
0
0
Attacker Value
Unknown

CVE-2018-16627

Disclosure Date: December 20, 2018 (last updated November 27, 2024)
panel/login in Kirby v2.5.12 allows Host header injection via the "forget password" feature.
0
0
Attacker Value
Unknown

CVE-2018-16628

Disclosure Date: December 04, 2018 (last updated November 27, 2024)
panel/login in Kirby v2.5.12 allows XSS via a blog name.
0
0
Attacker Value
Unknown

CVE-2015-7773

Disclosure Date: November 20, 2015 (last updated October 05, 2023)
Unrestricted file upload vulnerability in the Panel component in Bastian Allgeier Kirby before 2.1.2 allows remote authenticated users to execute arbitrary PHP code by uploading a file that lacks an extension, and then renaming this file to have a .php extension.
0
0
View More Topics  < Previous