Filtered by vendor Montala
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-3648 | 1 Montala | 1 Resourcespace | 2018-10-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in pages/setup.php in Montala Limited ResourceSpace before 7.2.6727 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the defaultlanguage parameter. | |||||
| CVE-2015-6915 | 1 Montala | 1 Resourcespace | 2015-09-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Montala Limited ResourceSpace 7.3.7009 and earlier allows remote attackers to execute arbitrary SQL commands via the "user" cookie to plugins/feedback/pages/feedback.php. | |||||
| CVE-2011-4311 | 1 Montala | 1 Resourcespace | 2011-11-21 | 5.0 MEDIUM | N/A |
| ResourceSpace before 4.2.2833 does not properly validate access keys, which allows remote attackers to bypass intended resource restrictions via unspecified vectors. | |||||