Lucene search

Daloradius Security Vulnerabilities

cve

CVE-2023-0338

Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/daloradius prior to...

5.8CVSS

6.1AI Score

0.001EPSS

2023-01-17 04:15 PM

cve

CVE-2023-0337

Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/daloradius prior to...

5.8CVSS

6.1AI Score

0.001EPSS

2023-01-17 04:15 PM

cve

CVE-2023-0048

Code Injection in GitHub repository lirantal/daloradius prior to...

7.2CVSS

8.9AI Score

0.001EPSS

2023-01-04 02:15 PM

cve

CVE-2023-0046

Improper Restriction of Names for Files and Other Resources in GitHub repository lirantal/daloradius prior to...

7.2CVSS

7AI Score

0.001EPSS

2023-01-04 12:15 PM

cve

CVE-2022-4630

Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to...

5.3CVSS

5.3AI Score

0.001EPSS

2022-12-21 06:15 PM

cve

CVE-2022-4366

Missing Authorization in GitHub repository lirantal/daloradius prior to master...

7.5CVSS

7.5AI Score

0.001EPSS

2022-12-08 07:15 PM

cve

CVE-2022-23475

daloRADIUS is an open source RADIUS web management application. daloRadius 1.3 and prior are vulnerable to a combination cross site scripting (XSS) and cross site request forgery (CSRF) vulnerability which leads to account takeover in the mng-del.php file because of an unescaped variable reflected....

8.8CVSS

8.2AI Score

0.001EPSS

2022-12-06 08:15 PM

cve

CVE-2009-4347

Cross-site scripting (XSS) vulnerability in daloradius-users/login.php in daloRADIUS 0.9-8 and earlier allows remote attackers to inject arbitrary web script or HTML via the error...

5.9AI Score

0.002EPSS

2009-12-17 05:30 PM