
CVSS: 5.4 • EPSS: 0% • CPEs: 1 • EXPL: 2

Stored Cross Site Scripting (XSS) vulnerability in the add contact function of CiviCRM 5.59.alpha1 allows attackers to execute arbitrary code via the first/second name field. CiviCRM version 5.59.alpha1 suffers from a persistent cross site scripting vulnerability. • https://www.exploit-db.com/exploits/51478 https://civicrm.org https://packetstormsecurity.com/files/172470/CiviCRM-5.59.alpha1-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 8.8 • EPSS: 0% • CPEs: 2 • EXPL: 1

In CiviCRM before 5.21.3 and 5.22.x through 5.24.x before 5.24.3, users may be able to upload and execute a crafted PHAR archive. • https://blog.sonarsource.com/civicrm-code-execution-vulnerability-chain-explained https://civicrm.org/advisory/civi-sa-2020-03 • CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 6.1 • EPSS: 0% • CPEs: 2 • EXPL: 1

In CiviCRM before 5.28.1 and CiviCRM ESR before 5.27.5 ESR, the CKEditor configuration form allows CSRF. The CiviCRM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via improper CSRF checks in the CKEditor Configuration Form in versions up to, and including, 5.28.0, due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts into pages that will execute whenever a user accesses an injected page. • https://blog.sonarsource.com/civicrm-code-execution-vulnerability-chain-explained https://civicrm.org/advisory/civi-sa-2020-11-csrf-ckeditor-configuration-form • CWE-352: Cross-Site Request Forgery (CSRF)

CVSS: 9.8 • EPSS: 0% • CPEs: 3 • EXPL: 0

PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTML_QuickForm's getSubmitValue method, HTML_QuickForm's validate method, HTML_QuickForm_hierselect's _setOptions method, HTML_QuickForm_element's _findValue method and HTML_QuickForm_element's _prepareValue method that can result in possible information disclosure, possible impact on data integrity and execution of arbitrary code. This attack appears to be exploitable via a specially crafted query string, e.g. http://www.example.com/admin/add_practice_type_id[1]=fubar%27])%20OR%20die(%27OOK!%27);%20//&mode=live. This vulnerability appears to have been fixed in 3.2.15. • http://blog.pear.php.net/2018/07/19/security-vulnerability-announcement-html_quickform https://civicrm.org/advisory/civi-sa-2018-07-remote-code-execution-in-quickform • CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 6.8 • EPSS: 0% • CPEs: 5 • EXPL: 0

Cross-site request forgery (CSRF) vulnerability in the CiviCRM private report module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of users for requests that delete reports via unspecified vectors. • http://www.openwall.com/lists/oss-security/2015/04/25/6 http://www.securityfocus.com/bid/74351 https://www.drupal.org/node/2467631 https://www.drupal.org/node/2467635 https://www.drupal.org/node/2467697 • CWE-352: Cross-Site Request Forgery (CSRF)