CVE-2023-3692 – Unrestricted Upload of File with Dangerous Type in admidio/admidio
https://notcve.org/view.php?id=CVE-2023-3692
Unrestricted Upload of File with Dangerous Type in GitHub repository admidio/admidio prior to 4.2.10. • https://github.com/admidio/admidio/commit/d66585d14b1160712a8a9bfaf9769dd3da0e9a83 https://huntr.dev/bounties/be6616eb-384d-40d6-b1fd-0ec9e4973f12 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2023-3302 – Improper Neutralization of Formula Elements in a CSV File in admidio/admidio
https://notcve.org/view.php?id=CVE-2023-3302
Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio prior to 4.2.9. • https://github.com/admidio/admidio/commit/c87a7074a1a73c4851263060afd76aa4d5b6415f https://huntr.dev/bounties/5e18619f-8379-464a-aad2-65883bb4e81a • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVE-2023-3303 – Improper Access Control in admidio/admidio
https://notcve.org/view.php?id=CVE-2023-3303
Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9. • https://github.com/admidio/admidio/commit/3d8bafaa4e9b7a314ffdf548622a8c7b38faee8a https://huntr.dev/bounties/65d260cc-55a9-4e71-888d-cb2f66c071af • CWE-284: Improper Access Control •
CVE-2023-3304 – Improper Access Control in admidio/admidio
https://notcve.org/view.php?id=CVE-2023-3304
Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9. • https://github.com/admidio/admidio/commit/3b248b7d5e0e60a00ee2f9a6908d538d62a5837f https://huntr.dev/bounties/721fae61-3c8c-4e4b-8407-64321bc0ed17 • CWE-284: Improper Access Control •
CVE-2023-3109 – Cross-site Scripting (XSS) - Stored in admidio/admidio
https://notcve.org/view.php?id=CVE-2023-3109
Cross-site Scripting (XSS) - Stored in GitHub repository admidio/admidio prior to 4.2.8. • https://github.com/admidio/admidio/commit/a7c211b835cafe1158932fbfcff9e5552e57510a https://huntr.dev/bounties/6fa6070e-8f7f-43ae-8a84-e36b28256123 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •