Voyager Security Vulnerabilities and Issues — Voyager CVE List

Lucene search

ThecontrolgroupVoyager

3 matches found

CVE•added 2025/01/30 3:15 p.m.•66 views

CVE-2024-55417

DevDojo Voyager through version 1.8.0 is vulnerable to bypassing the file type verification when an authenticated user uploads a file via /admin/media/upload. An authenticated user can upload a web shell causing arbitrary code execution on the server.

4.3CVSS7.3AI score0.05656EPSS

CVE•added 2025/01/30 3:15 p.m.•57 views

CVE-2024-55415

DevDojo Voyager through 1.8.0 is vulnerable to path traversal at the /admin/compass.

5.7CVSS6.6AI score0.36555EPSS

CVE•added 2025/01/30 3:15 p.m.•57 views

CVE-2024-55416

DevDojo Voyager through version 1.8.0 is vulnerable to reflected XSS via /admin/compass. By manipulating an authenticated user to click on a link, arbitrary Javascript can be executed.

3.5CVSS5.7AI score0.00294EPSS