Lucene search

K

Travianz Security Vulnerabilities

cve

The cryptographically insecure random number generator being used in TravianZ 8.3.4 and 8.3.3 in the password reset function allows an attacker to guess the password reset.parameters and to take over...

9.8CVSS

9.4AI Score

0.001EPSS

2023-07-07 07:15 PM

21

cve

PHP injection in TravianZ 8.3.4 and 8.3.3 in the config editor in the admin page allows remote attackers to execute PHP...

7.2CVSS

7.3AI Score

0.001EPSS

2023-07-07 07:15 PM

16

cve

In TravianZ 8.3.4 and 8.3.3, Incorrect Access Control in the installation script allows an attacker to overwrite the server configuration and inject PHP...

9.8CVSS

9.4AI Score

0.001EPSS

2023-07-07 07:15 PM

15

cve

TravianZ through 8.3.4 allows XSS via the Alliance tag/name, the statistics page, the link preferences, the Admin Logs, or the COOKUSR...

6.1CVSS

5.9AI Score

0.001EPSS

2023-07-06 02:15 PM

13