Exment@* Security Vulnerabilities and Issues — Exment@* CVE List

Lucene search

ExceedoneExment*

4 matches found

CVE•added 2024/10/18 6:15 a.m.•47 views

CVE-2024-47793

Stored cross-site scripting vulnerability exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. When accessing the edit screen containing custom columns (column type: images or files), an arbitrary script may be executed on the web browser of the user.

5.4CVSS6.2AI score0.00226EPSS

CVE•added 2024/10/18 6:15 a.m.•44 views

CVE-2024-46897

Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. A logged-in user with the permission of table management may obtain and/or alter the information of the unauthorized table.

3.8CVSS6.7AI score0.00087EPSS

CVE•added 2020/08/25 3:15 a.m.•33 views

CVE-2020-5620

Cross-site scripting vulnerability in Exment prior to v3.6.0 allows remote authenticated attackers to inject arbitrary script or HTML via a specially crafted file.

5.4CVSS5AI score0.00203EPSS

CVE•added 2020/08/25 3:15 a.m.•30 views

CVE-2020-5619

Cross-site scripting vulnerability in Exment prior to v3.6.0 allows remote authenticated attackers to inject arbitrary script or HTML via unspecified vectors.

5.4CVSS5AI score0.00203EPSS