Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-0338 | 1 Daloradius | 1 Daloradius | 2024-11-21 | N/A | 6.1 MEDIUM |
|
Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/daloradius prior to master-branch.
|
|||||
| CVE-2023-0337 | 1 Daloradius | 1 Daloradius | 2024-11-21 | N/A | 6.1 MEDIUM |
|
Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/daloradius prior to master-branch.
|
|||||
| CVE-2023-0048 | 1 Daloradius | 1 Daloradius | 2024-11-21 | N/A | 8.8 HIGH |
|
Code Injection in GitHub repository lirantal/daloradius prior to master-branch.
|
|||||
| CVE-2023-0046 | 1 Daloradius | 1 Daloradius | 2024-11-21 | N/A | 7.2 HIGH |
|
Improper Restriction of Names for Files and Other Resources in GitHub repository lirantal/daloradius prior to master-branch.
|
|||||
| CVE-2022-4630 | 1 Daloradius | 1 Daloradius | 2024-11-21 | N/A | 5.3 MEDIUM |
|
Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master.
|
|||||
| CVE-2022-4366 | 1 Daloradius | 1 Daloradius | 2024-11-21 | N/A | 7.5 HIGH |
|
Missing Authorization in GitHub repository lirantal/daloradius prior to master branch.
|
|||||
| CVE-2022-23475 | 1 Daloradius | 1 Daloradius | 2024-11-21 | N/A | 8.8 HIGH |
|
daloRADIUS is an open source RADIUS web management application. daloRadius 1.3 and prior are vulnerable to a combination cross site scripting (XSS) and cross site request forgery (CSRF) vulnerability which leads to account takeover in the mng-del.php file because of an unescaped variable reflected in the DOM on line 116. This issue has been addressed in commit `ec3b4a419e`. Users are advised to manually apply the commit in order to mitigate this issue. Users may also mitigate this issue with in ...
Show More |
|||||