Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-639

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 259 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-15202 1 Kanboard 1 Kanboard 2019-10-03 4.0 MEDIUM 4.3 MEDIUM
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit columns of a private project of another user.
CVE-2017-15201 1 Kanboard 1 Kanboard 2019-10-03 4.0 MEDIUM 4.3 MEDIUM
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tags of a private project of another user.
CVE-2017-15200 1 Kanboard 1 Kanboard 2019-10-03 4.0 MEDIUM 4.3 MEDIUM
In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new task to a private project of another user.
CVE-2017-15195 1 Kanboard 1 Kanboard 2019-10-03 4.0 MEDIUM 4.3 MEDIUM
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit swimlanes of a private project of another user.
CVE-2017-15196 1 Kanboard 1 Kanboard 2019-10-03 4.0 MEDIUM 4.3 MEDIUM
In Kanboard before 1.0.47, by altering form data, an authenticated user can remove columns from a private project of another user.
CVE-2017-15197 1 Kanboard 1 Kanboard 2019-10-03 4.0 MEDIUM 4.3 MEDIUM
In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new category to a private project of another user.
CVE-2019-14725 1 Centos-webpanel 1 Centos Web Panel 2019-09-12 4.0 MEDIUM 4.3 MEDIUM
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail usage value of a victim account via an attacker account.
CVE-2019-14724 1 Centos-webpanel 1 Centos Web Panel 2019-09-12 5.0 MEDIUM 7.5 HIGH
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to edit an e-mail forwarding destination of a victim's account via an attacker account.
CVE-2019-14721 1 Centos-webpanel 1 Centos Web Panel 2019-09-12 5.5 MEDIUM 6.5 MEDIUM
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to remove a target user from phpMyAdmin via an attacker account.