Show filters
38 Total Results
Displaying 21-30 of 38
Sort by:
Attacker Value
Unknown
CVE-2023-0564
Disclosure Date: January 29, 2023 (last updated February 24, 2025)
Weak Password Requirements in GitHub repository froxlor/froxlor prior to 2.0.10.
0
Attacker Value
Unknown
CVE-2023-0316
Disclosure Date: January 16, 2023 (last updated February 24, 2025)
Path Traversal: '\..\filename' in GitHub repository froxlor/froxlor prior to 2.0.0.
0
Attacker Value
Unknown
CVE-2022-4868
Disclosure Date: December 31, 2022 (last updated February 24, 2025)
Improper Authorization in GitHub repository froxlor/froxlor prior to 2.0.0-beta1.
0
Attacker Value
Unknown
CVE-2022-4867
Disclosure Date: December 31, 2022 (last updated February 24, 2025)
Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 2.0.0-beta1.
0
Attacker Value
Unknown
CVE-2022-4864
Disclosure Date: December 30, 2022 (last updated February 24, 2025)
Argument Injection in GitHub repository froxlor/froxlor prior to 2.0.0-beta1.
0
Attacker Value
Unknown
CVE-2022-3869
Disclosure Date: November 05, 2022 (last updated February 24, 2025)
Code Injection in GitHub repository froxlor/froxlor prior to 0.10.38.2.
0
Attacker Value
Unknown
CVE-2022-3721
Disclosure Date: November 04, 2022 (last updated February 24, 2025)
Code Injection in GitHub repository froxlor/froxlor prior to 0.10.39.
0
Attacker Value
Unknown
CVE-2022-3017
Disclosure Date: August 28, 2022 (last updated February 24, 2025)
Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 0.10.38.
0
Attacker Value
Unknown
CVE-2020-29653
Disclosure Date: April 13, 2022 (last updated February 23, 2025)
Froxlor through 0.10.22 does not perform validation on user input passed in the customermail GET parameter. The value of this parameter is reflected in the login webpage, allowing the injection of arbitrary HTML tags.
0
Attacker Value
Unknown
CVE-2020-28957
Disclosure Date: October 22, 2021 (last updated February 23, 2025)
Multiple cross-site scripting (XSS) vulnerabilities in the Customer Add module of Foxlor v0.10.16 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the name, firstname, or username input fields.
0
