Search Results | AttackerKB

6 Total Results

Displaying 1-6 of 6

Attacker Value

Unknown

CVE-2023-36984

Disclosure Date: August 01, 2023 (last updated October 08, 2023)

LavaLite CMS v 9.0.0 is vulnerable to Sensitive Data Exposure.

Attacker Value

Unknown

CVE-2023-36983

Disclosure Date: August 01, 2023 (last updated October 08, 2023)

LavaLite CMS v 9.0.0 is vulnerable to Sensitive Data Exposure.

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2023-30124

Disclosure Date: May 18, 2023 (last updated October 08, 2023)

LavaLite v9.0.0 is vulnerable to Cross Site Scripting (XSS).

Attack Vector: Network Privileges: Low User Interaction: Required

Attacker Value

Unknown

CVE-2023-27238

Disclosure Date: May 12, 2023 (last updated October 08, 2023)

LavaLite CMS v 9.0.0 was discovered to be vulnerable to web cache poisoning.

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2023-27237

Disclosure Date: May 12, 2023 (last updated October 08, 2023)

LavaLite CMS v 9.0.0 was discovered to be vulnerable to a host header injection attack.

Attack Vector: Network Privileges: None User Interaction: Required

Attacker Value

Unknown

CVE-2022-42188

Disclosure Date: October 18, 2022 (last updated October 08, 2023)

In Lavalite 9.0.0, the XSRF-TOKEN cookie is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server.

Attack Vector: Network Privileges: None User Interaction: None

6 Total Results

Displaying 1-6 of 6

Unknown

CVE-2023-36984

Unknown

CVE-2023-36983

Unknown

CVE-2023-30124

Unknown

CVE-2023-27238

Unknown

CVE-2023-27237

Unknown

CVE-2022-42188

Quick Cookie Notification