Caupo
Products
3- 7 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
8| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2011-4832 | 0.03 | — | 0.03 | Dec 15, 2011 | Directory traversal vulnerability in CaupoShop Pro 2.x, CaupoShop Classic 3.01, and CaupoShop Pro 3.70 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter in a template action. | ||
| CVE-2022-1909 | 0.00 | — | 0.00 | May 27, 2022 | Cross-site Scripting (XSS) - Stored in GitHub repository causefx/organizr prior to 2.1.2200. | ||
| CVE-2022-1698 | 0.00 | — | 0.00 | May 12, 2022 | Allowing long password leads to denial of service in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications. | ||
| CVE-2022-1699 | 0.00 | — | 0.00 | May 12, 2022 | Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications. | ||
| CVE-2022-1347 | 0.00 | — | 0.00 | Apr 13, 2022 | Stored XSS in the "Username" & "Email" input fields leads to account takeover of Admin & Co-admin users in GitHub repository causefx/organizr prior to 2.1.1810. Account takeover and privilege escalation | ||
| CVE-2022-1345 | 0.00 | — | 0.00 | Apr 13, 2022 | Stored XSS viva .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse. | ||
| CVE-2022-1346 | 0.00 | — | 0.00 | Apr 13, 2022 | Multiple Stored XSS in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse. | ||
| CVE-2022-1344 | 0.00 | — | 0.00 | Apr 13, 2022 | Stored XSS due to no sanitization in the filename in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse. |
- CVE-2011-4832Dec 15, 2011risk 0.03cvss —epss 0.03
Directory traversal vulnerability in CaupoShop Pro 2.x, CaupoShop Classic 3.01, and CaupoShop Pro 3.70 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter in a template action.
- CVE-2022-1909May 27, 2022risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) - Stored in GitHub repository causefx/organizr prior to 2.1.2200.
- CVE-2022-1698May 12, 2022risk 0.00cvss —epss 0.00
Allowing long password leads to denial of service in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.
- CVE-2022-1699May 12, 2022risk 0.00cvss —epss 0.00
Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.
- CVE-2022-1347Apr 13, 2022risk 0.00cvss —epss 0.00
Stored XSS in the "Username" & "Email" input fields leads to account takeover of Admin & Co-admin users in GitHub repository causefx/organizr prior to 2.1.1810. Account takeover and privilege escalation
- CVE-2022-1345Apr 13, 2022risk 0.00cvss —epss 0.00
Stored XSS viva .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.
- CVE-2022-1346Apr 13, 2022risk 0.00cvss —epss 0.00
Multiple Stored XSS in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.
- CVE-2022-1344Apr 13, 2022risk 0.00cvss —epss 0.00
Stored XSS due to no sanitization in the filename in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.