Apprain

Apprain

38 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2024-58279

Exploit
  • EPSS 0.48%
  • Veröffentlicht 10.12.2025 21:12:47
  • Zuletzt bearbeitet 19.12.2025 17:53:02

appRain CMF 4.0.5 contains an authenticated remote code execution vulnerability that allows administrative users to upload malicious PHP files through the filemanager upload endpoint. Attackers can leverage authenticated access to generate a web shel...

5.4

CVE-2025-41063

  • EPSS 0.02%
  • Veröffentlicht 04.09.2025 11:16:15
  • Zuletzt bearbeitet 04.09.2025 17:50:21

A vulnerability has been discovered in version 4.0.5 of appRain CMF, consisting of an authenticated reflected XSS due to a lack of proper validation of user input, through the 's' parameter in /apprain/developer/debug-log/db.

5.4

CVE-2025-41062

  • EPSS 0.02%
  • Veröffentlicht 04.09.2025 11:16:03
  • Zuletzt bearbeitet 04.09.2025 17:50:28

A vulnerability has been discovered in version 4.0.5 of appRain CMF, consisting of an authenticated reflected XSS due to a lack of proper validation of user input, through the 'page' parameter in /apprain/developer/addons.

5.4

CVE-2025-41061

  • EPSS 0.02%
  • Veröffentlicht 04.09.2025 11:15:03
  • Zuletzt bearbeitet 04.09.2025 17:50:34

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Addon][layouts]' and 'data[Addon][layouts_except]' parameters in /apprain/d...

5.4

CVE-2025-41060

  • EPSS 0.02%
  • Veröffentlicht 04.09.2025 11:14:53
  • Zuletzt bearbeitet 04.09.2025 17:50:43

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Addon][layouts]' and 'data[Addon][layouts_except]' parameters in /apprain/d...

5.4

CVE-2025-41059

  • EPSS 0.02%
  • Veröffentlicht 04.09.2025 11:14:41
  • Zuletzt bearbeitet 04.09.2025 17:50:51

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Addon][layouts]' and 'data[Addon][layouts_except]' parameters in /apprain/d...

5.4

CVE-2025-41058

  • EPSS 0.02%
  • Veröffentlicht 04.09.2025 11:14:30
  • Zuletzt bearbeitet 04.09.2025 17:51:01

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Addon][layouts]' and 'data[Addon][layouts_except]' parameters in /apprain/d...

5.4

CVE-2025-41057

  • EPSS 0.02%
  • Veröffentlicht 04.09.2025 11:14:15
  • Zuletzt bearbeitet 04.09.2025 17:51:08

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Addon][layouts]' and 'data[Addon][layouts_except]' parameters in /apprain/d...

5.4

CVE-2025-41056

  • EPSS 0.02%
  • Veröffentlicht 04.09.2025 11:14:06
  • Zuletzt bearbeitet 04.09.2025 17:51:15

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Addon][layouts]' and 'data[Addon][layouts_except]' parameters in /apprain/d...

5.4

CVE-2025-41055

  • EPSS 0.02%
  • Veröffentlicht 04.09.2025 11:13:54
  • Zuletzt bearbeitet 04.09.2025 17:51:21

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Addon][layouts]' and 'data[Addon][layouts_except]' parameters in /apprain/d...