Rukovoditel Security Vulnerabilities and Issues — Rukovoditel CVE List

Lucene search

RukovoditelRukovoditel

3 matches found

CVE•added 2019/02/05 6:29 a.m.•51 views

CVE-2019-7400

Rukovoditel before 2.4.1 allows XSS.

6.1CVSS6.2AI score0.0738EPSS

CVE•added 2019/01/02 6:29 p.m.•42 views

CVE-2018-20166

A file-upload vulnerability exists in Rukovoditel 2.3.1. index.php?module=configuration/save allows the user to upload a background image, and mishandles extension checking. It accepts uploads of PHP content if the first few characters match GIF data, and the filename ends in ".php" with mixed case...

8.8CVSS8.6AI score0.03487EPSS

CVE•added 2019/05/07 7:29 p.m.•42 views

CVE-2019-7541

Rukovoditel through 2.4.1 allows XSS via a URL that lacks a module=users%2flogin substring.

6.1CVSS5.9AI score0.0266EPSS