CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

OSV•added 2020/01/26 11:15 p.m.•10 views

CVE-2020-7996

htdocs/user/passwordforgotten.php in Dolibarr 10.0.6 allows XSS via the Referer HTTP header...

6.1CVSS5.7AI score

Exploits0References2

NVD•added 2020/01/26 11:15 p.m.•4 views

CVE-2020-7996

htdocs/user/passwordforgotten.php in Dolibarr 10.0.6 allows XSS via the Referer HTTP header...

6.1CVSS6AI score0.00365EPSS

Exploits1References2

Prion•added 2020/01/26 11:15 p.m.•11 views

Design/Logic Flaw

htdocs/user/passwordforgotten.php in Dolibarr 10.0.6 allows XSS via the Referer HTTP header...

4.3CVSS5.9AI score0.00365EPSS

Exploits1References2Affected Software1

Cvelist•added 2020/01/26 10:44 p.m.•9 views

CVE-2020-7996

htdocs/user/passwordforgotten.php in Dolibarr 10.0.6 allows XSS via the Referer HTTP header...

6AI score0.00365EPSS

Exploits1References2

Positive Technologies•added 2020/01/26 12:0 a.m.•1 views

PT-2020-19907 · Dolibarr · Dolibarr

Name of the Vulnerable Software and Affected Versions: Dolibarr version 10.0.6 Description: The issue allows for XSS via the Referer HTTP header in the htdocs/user/passwordforgotten.php file. Recommendations: For Dolibarr version 10.0.6, consider disabling access to the...

6.1CVSS5.9AI score0.00365EPSS

Exploits1References11

Tenable Nessus•added 2012/04/13 12:0 a.m.•35 views

Dolibarr passwordforgotten.php theme Parameter Local File Inclusion

The version of Dolibarr installed on the remote host fails to sanitize user-supplied input to the 'theme' parameter of the 'user/passwordforgotten.php' script before using it to include PHP code. Using a specially crafted request, a remote, unauthenticated attacker may be able to leverage this...

6AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by