VYPR

Corebos

by Solucija

Source repositories

CVEs (10)

  • CVE-2018-1000547MedJun 26, 2018
    risk 0.35cvss 5.3epss 0.01

    coreBOS version 7.0 and earlier contains a Incorrect Access Control vulnerability in Module: Contacts that can result in The error allows you to access records that you have no permissions to. .

  • CVE-2023-48029Nov 17, 2023
    risk 0.00cvss epss 0.01

    Corebos 8.0 and below is vulnerable to CSV Injection. An attacker with low privileges can inject a malicious command into a table. This vulnerability is exploited when an administrator visits the user management section, exports the data to a CSV file, and then opens it, leading…

  • CVE-2023-3071Jun 2, 2023
    risk 0.00cvss epss 0.01

    Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8.

  • CVE-2023-3074Jun 2, 2023
    risk 0.00cvss epss 0.01

    Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8.

  • CVE-2023-3070Jun 2, 2023
    risk 0.00cvss epss 0.01

    Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8.

  • CVE-2023-3073Jun 2, 2023
    risk 0.00cvss epss 0.00

    Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8 via evvtgendoc.

  • CVE-2023-3075Jun 2, 2023
    risk 0.00cvss epss 0.00

    Cross-Site Request Forgery (CSRF) in GitHub repository tsolucio/corebos prior to 8.

  • CVE-2023-3069Jun 2, 2023
    risk 0.00cvss epss 0.01

    Unverified Password Change in GitHub repository tsolucio/corebos prior to 8.

  • CVE-2023-1527Mar 21, 2023
    risk 0.00cvss epss 0.01

    Cross-site Scripting (XSS) - Generic in GitHub repository tsolucio/corebos prior to 8.0.

  • CVE-2022-4446Dec 13, 2022
    risk 0.00cvss epss 0.01

    PHP Remote File Inclusion in GitHub repository tsolucio/corebos prior to 8.0.