Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-29641 | 1 Rangerstudio | 1 Directus | 2021-04-13 | 6.5 MEDIUM | 8.8 HIGH |
| Directus 8 before 8.8.2 allows remote authenticated users to execute arbitrary code because file-upload permissions include the ability to upload a .php file to the main upload directory and/or upload a .php file and a .htaccess file to a subdirectory. Exploitation succeeds only for certain installations with the Apache HTTP Server and the local-storage driver (e.g., when the product was obtained from hub.docker.com). | |||||
| CVE-2021-26593 | 1 Rangerstudio | 1 Directus | 2021-03-01 | 5.0 MEDIUM | 7.5 HIGH |
| ** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can see all users in the CMS using the API /users/{id}. For each call, they get in response a lot of information about the user (such as email address, first name, and last name) but also the secret for 2FA if one exists. This secret can be regenerated. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2021-26594 | 1 Rangerstudio | 1 Directus | 2021-03-01 | 6.5 MEDIUM | 8.8 HIGH |
| ** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can switch to the administrator role (via the PATCH method) without any control by the back end. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||