Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
VikisolutionsVera4.9.1.26180

3 matches found

CVE
CVEadded 2021/01/05 10:15 p.m.44 views

CVE-2019-20484

An issue was discovered in Viki Vera 4.9.1.26180. A user without access to a project could download or upload project files by opening the Project URL directly in the browser after logging in.

8.1CVSS7.9AI score0.00219EPSS
CVE
CVEadded 2021/01/05 9:15 p.m.40 views

CVE-2019-20483

An issue was discovered in Viki Vera 4.9.1.26180. An attacker could set a user's last name to an XSS Payload, and read another user's cookie and use that to login to the application.

5.4CVSS5.1AI score0.00206EPSS
CVE
CVEadded 2020/06/12 9:15 p.m.30 views

CVE-2019-15123

The Branding Module in Viki Vera 4.9.1.26180 allows an authenticated user to change the logo on the website. An attacker could use this to upload a malicious .aspx file and gain Remote Code Execution on the site.

7.2CVSS7.2AI score0.02631EPSS