Doorgets

Doorgets Cms

22 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2019-11617

Exploit
  • EPSS 0.21%
  • Veröffentlicht 30.04.2019 20:29:01
  • Zuletzt bearbeitet 21.11.2024 04:21:27

doorGets 7.0 has a CSRF vulnerability in /doorgets/app/requests/user/configurationRequest.php. A remote attacker can exploit this vulnerability for "Google Analytics code" modification.

8.8

CVE-2019-11615

Exploit
  • EPSS 0.4%
  • Veröffentlicht 30.04.2019 20:29:01
  • Zuletzt bearbeitet 21.11.2024 04:21:27

/fileman/php/upload.php in doorGets 7.0 has an arbitrary file upload vulnerability. A remote normal registered user can use this vulnerability to upload backdoor files to control the server.

7.5

CVE-2019-11614

Exploit
  • EPSS 0.26%
  • Veröffentlicht 30.04.2019 20:29:01
  • Zuletzt bearbeitet 21.11.2024 04:21:27

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/commentView.php. A remote unauthorized attacker could exploit the vulnerability to obtain database sensitive information.

6.5

CVE-2019-11613

Exploit
  • EPSS 0.23%
  • Veröffentlicht 30.04.2019 20:29:01
  • Zuletzt bearbeitet 21.11.2024 04:21:27

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/contactView.php. A remote normal registered user could exploit the vulnerability to obtain database sensitive information.

7.5

CVE-2019-11612

Exploit
  • EPSS 6.7%
  • Veröffentlicht 30.04.2019 20:29:01
  • Zuletzt bearbeitet 21.11.2024 04:21:27

doorGets 7.0 has an arbitrary file deletion vulnerability in /fileman/php/deletefile.php. A remote unauthenticated attacker can exploit this vulnerability to delete arbitrary files.

7.5

CVE-2019-11611

Exploit
  • EPSS 0.73%
  • Veröffentlicht 30.04.2019 20:29:01
  • Zuletzt bearbeitet 21.11.2024 04:21:27

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/download.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information.

7.5

CVE-2019-11610

Exploit
  • EPSS 0.73%
  • Veröffentlicht 30.04.2019 20:29:01
  • Zuletzt bearbeitet 21.11.2024 04:21:26

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/downloaddir.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information.

8.2

CVE-2019-11609

Exploit
  • EPSS 1.31%
  • Veröffentlicht 30.04.2019 20:29:01
  • Zuletzt bearbeitet 21.11.2024 04:21:26

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/movefile.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information or make the server unserviceable.

8.2

CVE-2019-11608

Exploit
  • EPSS 1.31%
  • Veröffentlicht 30.04.2019 20:29:01
  • Zuletzt bearbeitet 21.11.2024 04:21:26

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/renamefile.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information or make the server unserviceable.

7.5

CVE-2019-11607

Exploit
  • EPSS 0.73%
  • Veröffentlicht 30.04.2019 20:29:01
  • Zuletzt bearbeitet 21.11.2024 04:21:26

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copydir.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information.