CVE-2014-0468
- EPSS 0.18%
- Published 26.06.2025 20:39:24
- Last modified 06.08.2025 16:34:59
Vulnerability in fusionforge in the shipped Apache configuration, where the web server may execute scripts that the users would have uploaded in their raw SCM repositories (SVN, Git, Bzr...). This issue affects fusionforge: before 5.3+20140506.
CVE-2014-6275
- EPSS 0.33%
- Published 02.01.2020 22:15:11
- Last modified 21.11.2024 02:14:04
FusionForge before 5.3.2 use scripts that run under the shared Apache user, which is also used by project homepages by default. If project webpages are hosted on the same server than FusionForge, it can allow users to incorrectly access on-disk priva...
- EPSS 6.68%
- Published 02.06.2015 14:59:05
- Last modified 12.04.2025 10:46:40
The Git plugin for FusionForge before 6.0rc4 allows remote attackers to execute arbitrary code via an unspecified parameter when creating a secondary Git repository.
CVE-2013-1423
- EPSS 0.03%
- Published 14.03.2013 03:13:28
- Last modified 11.04.2025 00:51:21
(1) contrib/gforge-3.0-cronjobs.patch, (2) cronjobs/homedirs.php, (3) deb-specific/fileforge.pl, (4) deb-specific/group_dump_update.pl, (5) deb-specific/ssh_dump_update.pl, (6) deb-specific/user_dump_update.pl, (7) plugins/scmbzr/common/BzrPlugin.cla...