CVE-2023-36813
- EPSS 0.09%
- Published 05.07.2023 22:15:09
- Last modified 10.04.2025 20:47:18
Kanboard is project management software that focuses on the Kanban methodology. In versions prior to 1.2.31, an authenticated user is able to perform a SQL injection, leading to a privilege escalation or loss of confidentiality. It appears that in some in...
CVE-2023-33968
- EPSS 0.13%
- Published 05.06.2023 20:15:09
- Last modified 21.11.2024 08:06:18
Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to a missing access control vulnerability that allows a user with low privileges to create or transfer tasks to any proje...
CVE-2023-33970
- EPSS 0.22%
- Published 05.06.2023 20:15:09
- Last modified 21.11.2024 08:06:19
Kanboard is open source project management software that focuses on the Kanban methodology. A vulnerability related to a `missing access control` was found, which allows a user with the lowest privileges to leak all the tasks and projects titles with...
CVE-2023-33969
- EPSS 0.09%
- Published 05.06.2023 20:15:09
- Last modified 21.11.2024 08:06:19
Kanboard is open source project management software that focuses on the Kanban methodology. A stored cross-site scripting (XSS) vulnerability allows an attacker to execute arbitrary JavaScript and any user who views the task containing the malicious code will be e...
CVE-2023-33956
- EPSS 0.06%
- Published 05.06.2023 20:15:09
- Last modified 21.11.2024 08:06:17
Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to an Insecure direct object reference (IDOR) vulnerability present in the application's URL parameter. This vulnerabilit...
CVE-2023-32685
- EPSS 0.66%
- Published 30.05.2023 05:15:11
- Last modified 21.11.2024 08:03:50
Kanboard is project management software that focuses on the Kanban methodology. Due to improper handling of elements under the `contentEditable` element, maliciously crafted clipboard content can inject arbitrary HTML tags into the DOM. A low-privile...
CVE-2019-7324
- EPSS 0.29%
- Published 04.02.2019 19:29:00
- Last modified 21.11.2024 04:48:00
app/Core/Paginator.php in Kanboard before 1.2.8 has XSS in pagination sorting.
CVE-2017-15212
- EPSS 0.33%
- Published 11.10.2017 01:32:55
- Last modified 20.04.2025 01:37:25
In Kanboard before 1.0.47, by altering form data, an authenticated user can at least see the names of tags of a private project of another user.
CVE-2017-15211
- EPSS 0.54%
- Published 11.10.2017 01:32:55
- Last modified 20.04.2025 01:37:25
In Kanboard before 1.0.47, by altering form data, an authenticated user can add an external link to a private project of another user.
CVE-2017-15210
- EPSS 0.29%
- Published 11.10.2017 01:32:55
- Last modified 20.04.2025 01:37:25
In Kanboard before 1.0.47, by altering form data, an authenticated user can see thumbnails of pictures from a private project of another user.