CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3302 – Improper Neutralization of Formula Elements in a CSV File in admidio/admidio
https://notcve.org/view.php?id=CVE-2023-3302
Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio prior to 4.2.9. • https://github.com/admidio/admidio/commit/c87a7074a1a73c4851263060afd76aa4d5b6415f https://huntr.dev/bounties/5e18619f-8379-464a-aad2-65883bb4e81a • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3303 – Improper Access Control in admidio/admidio
https://notcve.org/view.php?id=CVE-2023-3303
Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9. • https://github.com/admidio/admidio/commit/3d8bafaa4e9b7a314ffdf548622a8c7b38faee8a https://huntr.dev/bounties/65d260cc-55a9-4e71-888d-cb2f66c071af • CWE-284: Improper Access Control •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3304 – Improper Access Control in admidio/admidio
https://notcve.org/view.php?id=CVE-2023-3304
Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9. • https://github.com/admidio/admidio/commit/3b248b7d5e0e60a00ee2f9a6908d538d62a5837f https://huntr.dev/bounties/721fae61-3c8c-4e4b-8407-64321bc0ed17 • CWE-284: Improper Access Control •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3109 – Cross-site Scripting (XSS) - Stored in admidio/admidio
https://notcve.org/view.php?id=CVE-2023-3109
Cross-site Scripting (XSS) - Stored in GitHub repository admidio/admidio prior to 4.2.8. • https://github.com/admidio/admidio/commit/a7c211b835cafe1158932fbfcff9e5552e57510a https://huntr.dev/bounties/6fa6070e-8f7f-43ae-8a84-e36b28256123 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-23896
https://notcve.org/view.php?id=CVE-2022-23896
Admidio 4.1.2 version is affected by stored cross-site scripting (XSS). Admidio versión 4.1.2, está afectada por un ataque de tipo cross-site scripting (XSS) almacenado • https://huntr.dev/bounties/79c2d16c-bae2-417f-ab50-10c52707a30f • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •