The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2021-25966 | In “Orchard core CMS” application, versions 1.0.0-beta1-3383 to 1.0.0 are vulnerable to an improper session termination after password change. When a password has been changed by the user or by an administrator, a user that was already logged in, will still have access to the application even after the password was changed. | MEDIUM | Oct 10, 2021 | n/a |
CVE-2021-25965 | In Calibre-web, versions 0.6.0 to 0.6.13 are vulnerable to Cross-Site Request Forgery (CSRF). By luring an authenticated user to click on a link, an attacker can create a new user role with admin privileges and attacker-controlled credentials, allowing them to take over the application. | MEDIUM | Nov 17, 2021 | n/a |
CVE-2021-25964 | In “Calibre-web” application, v0.6.0 to v0.6.12, are vulnerable to Stored XSS in “Metadata”. An attacker that has access to edit the metadata information, can inject JavaScript payload in the description field. When a victim tries to open the file, XSS will be triggered. | LOW | Oct 8, 2021 | n/a |
CVE-2021-25963 | In Shuup, versions 1.6.0 through 2.10.8 are vulnerable to reflected Cross-Site Scripting (XSS) that allows execution of arbitrary javascript code on a victim browser. This vulnerability exists due to the error page contents not escaped. | MEDIUM | Oct 7, 2021 | n/a |
CVE-2021-25962 | “Shuup” application in versions 0.4.2 to 2.10.8 is affected by the “Formula Injection” vulnerability. A customer can inject payloads in the name input field in the billing address while buying a product. When a store administrator accesses the reports page to export the data as an Excel file and opens it, the payload gets executed. | MEDIUM | Oct 6, 2021 | n/a |
CVE-2021-25961 | In “SuiteCRM” application, v7.1.7 through v7.10.31 and v7.11-beta through v7.11.20 fail to properly invalidate password reset links that are associated with a deleted user id, which makes it possible for account takeover of any newly created user with the same user id. | MEDIUM | Oct 7, 2021 | n/a |
CVE-2021-25960 | In “SuiteCRM” application, v7.11.18 through v7.11.19 and v7.10.29 through v7.10.31 are affected by “CSV Injection” vulnerability (Formula Injection). A low privileged attacker can use the accounts module to inject payloads in the input fields. When an administrator accesses the accounts module to export the data as a CSV file and opens it, the payload gets executed. This was not fixed properly as part of CVE-2020-15301, allowing the attacker to bypass the security measure. | MEDIUM | Oct 7, 2021 | n/a |
CVE-2021-25959 | In OpenCRX, versions v4.0.0 through v5.1.0 are vulnerable to reflected Cross-site Scripting (XSS), due to unsanitized parameters in the password reset functionality. This allows execution of external javascript files on any user of the openCRX instance. | MEDIUM | Oct 7, 2021 | n/a |
CVE-2021-25958 | In Apache Ofbiz, versions v17.12.01 to v17.12.07 implement a try catch exception to handle errors at multiple locations but leaks out sensitive table info which may aid the attacker for further recon. A user can register with a very long password, but when he tries to login with it an exception occurs. | MEDIUM | Sep 2, 2021 | n/a |
CVE-2021-25957 | In “Dolibarr” application, v2.8.1 to v13.0.2 are vulnerable to account takeover via password reset functionality. A low privileged attacker can reset the password of any user in the application using the password reset link the user received through email when requested for a forgotten password. | MEDIUM | Aug 17, 2021 | n/a |
CVE-2021-25956 | In “Dolibarr” application, v3.3.beta1_20121221 to v13.0.2 have “Modify” access for admin level users to change other user’s details but fails to validate already existing “Login” name, while renaming the user “Login”. This leads to complete account takeover of the victim user. This happens since the password gets overwritten for the victim user having a similar login name. | MEDIUM | Aug 17, 2021 | n/a |
CVE-2021-25955 | In “Dolibarr ERP CRM”, WYSIWYG Editor module, v2.8.1 to v13.0.2 are affected by a stored XSS vulnerability that allows low privileged application users to store malicious scripts in the “Private Note” field at “/adherents/note.php?id=1” endpoint. These scripts are executed in a victim’s browser when they open the page containing the vulnerable field. In the worst case, the victim who inadvertently triggers the attack is a highly privileged administrator. The injected scripts can extract the Session ID, which can lead to full Account takeover of the admin and due to other vulnerability (Improper Access Control on Private notes) a low privileged user can update the private notes which could lead to privilege escalation. | MEDIUM | Aug 15, 2021 | n/a |
CVE-2021-25954 | In “Dolibarr” application, 2.8.1 to 13.0.4 do not restrict, or incorrectly restrict, access to a resource from an unauthorized actor. A low privileged attacker can modify the Private Note, which only an administrator has rights to do; the affected field is at the “/adherents/note.php?id=1” endpoint. | MEDIUM | Aug 9, 2021 | n/a |
CVE-2021-25953 | Prototype pollution vulnerability in 'putil-merge' versions 1.0.0 through 3.6.6 allows an attacker to cause a denial of service and may lead to remote code execution. | HIGH | Jul 15, 2021 | n/a |
CVE-2021-25952 | Prototype pollution vulnerability in ‘just-safe-set’ versions 1.0.0 through 2.2.1 allows an attacker to cause a denial of service and may lead to remote code execution. | HIGH | Jul 9, 2021 | n/a |
CVE-2021-25951 | XXE vulnerability in 'XML2Dict' version 0.2.2 allows an attacker to cause a denial of service. | MEDIUM | Jun 30, 2021 | n/a |
CVE-2021-25950 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | -- | Nov 7, 2023 | n/a |
CVE-2021-25949 | Prototype pollution vulnerability in 'set-getter' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution. | HIGH | Jun 10, 2021 | n/a |
CVE-2021-25948 | Prototype pollution vulnerability in 'expand-hash' versions 0.1.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution. | HIGH | Jun 10, 2021 | n/a |
CVE-2021-25947 | Prototype pollution vulnerability in 'nestie' versions 0.0.0 through 1.0.0 allows an attacker to cause a denial of service and may lead to remote code execution. | HIGH | Jun 4, 2021 | n/a |
CVE-2021-25946 | Prototype pollution vulnerability in `nconf-toml` versions 0.0.1 through 0.0.2 allows an attacker to cause a denial of service and may lead to remote code execution. | HIGH | May 28, 2021 | n/a |
CVE-2021-25945 | Prototype pollution vulnerability in 'js-extend' versions 0.0.1 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution. | HIGH | May 26, 2021 | n/a |
CVE-2021-25944 | Prototype pollution vulnerability in 'deep-defaults' versions 1.0.0 through 1.0.5 allows an attacker to cause a denial of service and may lead to remote code execution. | HIGH | May 28, 2021 | n/a |
CVE-2021-25943 | Prototype pollution vulnerability in '101' versions 1.0.0 through 1.6.3 allows an attacker to cause a denial of service and may lead to remote code execution. | HIGH | May 14, 2021 | n/a |
CVE-2021-25941 | Prototype pollution vulnerability in 'deep-override' versions 1.0.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution. | HIGH | May 14, 2021 | n/a |
CVE-2021-25940 | In ArangoDB, versions v3.7.6 through v3.8.3 are vulnerable to Insufficient Session Expiration. When a user’s password is changed by the administrator, the session isn’t invalidated, allowing a malicious user to still be logged in and perform arbitrary actions within the system. | MEDIUM | Nov 17, 2021 | n/a |
CVE-2021-25939 | In ArangoDB, versions v3.7.0 through v3.9.0-alpha.1 have a feature which allows downloading a Foxx service from a publicly available URL. This feature does not enforce proper filtering of requests performed internally, which can be abused by a highly-privileged attacker to perform blind SSRF and send internal requests to localhost. | MEDIUM | Feb 11, 2022 | n/a |
CVE-2021-25938 | In ArangoDB, versions v2.2.6.2 through v3.7.10 are vulnerable to Cross-Site Scripting (XSS), since there is no validation of the .zip file name and filtering of potential abusive characters which zip files can be named to. There is no X-Frame-Options Header set, which makes it more susceptible for leveraging self XSS by attackers. | MEDIUM | May 28, 2021 | n/a |
CVE-2021-25935 | In OpenNMS Horizon, versions opennms-17.0.0-1 through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.7-1 are vulnerable to Stored Cross-Site Scripting, since the function `add()` performs improper validation checks on the input sent to the `foreign-source` parameter. Due to this flaw an attacker could bypass the existing regex validation and inject an arbitrary script which will be stored in the database. | LOW | May 25, 2021 | n/a |
CVE-2021-25934 | In OpenNMS Horizon, versions opennms-18.0.0-1 through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.7-1 are vulnerable to Stored Cross-Site Scripting, since the function `createRequisitionedNode()` does not perform any validation checks on the input sent to the `node-label` parameter. Due to this flaw an attacker could inject an arbitrary script which will be stored in the database. | LOW | May 25, 2021 | n/a |
CVE-2021-25933 | In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting, since the function `validateFormInput()` performs improper validation checks on the input sent to the `groupName` and `groupComment` parameters. Due to this flaw, an authenticated attacker could inject arbitrary script and trick other admin users into downloading malicious files which can cause severe damage to the organization using opennms. | LOW | May 20, 2021 | n/a |
CVE-2021-25932 | In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting, since the function `validateFormInput()` performs improper validation checks on the input sent to the `userID` parameter. Due to this flaw an attacker could inject an arbitrary script which will be stored in the database. | LOW | Jun 1, 2021 | n/a |
CVE-2021-25931 | In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to CSRF, due to no CSRF protection at `/opennms/admin/userGroupView/users/updateUser`. This flaw allows assigning `ROLE_ADMIN` security role to a normal user. Using this flaw, an attacker can trick the admin user to assign administrator privileges to a normal user by enticing him to click upon an attacker-controlled website. | MEDIUM | May 20, 2021 | n/a |
CVE-2021-25930 | In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to CSRF, due to no CSRF protection, and since there is no validation of an existing user name while renaming a user. As a result, privileges of the renamed user are being overwritten by the old user and the old user is being deleted from the user list. | MEDIUM | May 20, 2021 | n/a |
CVE-2021-25929 | In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting since there is no validation on the input being sent to the `name` parameter in `noticeWizard` endpoint. Due to this flaw an authenticated attacker could inject arbitrary script and trick other admin users into downloading malicious files. | LOW | May 20, 2021 | n/a |
CVE-2021-25928 | Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution. | HIGH | Apr 26, 2021 | n/a |
CVE-2021-25927 | Prototype pollution vulnerability in 'safe-flat' versions 2.0.0 through 2.0.1 allows an attacker to cause a denial of service and may lead to remote code execution. | HIGH | Apr 26, 2021 | n/a |
CVE-2021-25926 | In SiCKRAGE, versions 9.3.54.dev1 to 10.0.11.dev1 are vulnerable to Reflected Cross-Site-Scripting (XSS) due to user input not being validated properly in the `quicksearch` feature. Therefore, an attacker can steal a user's sessionID to masquerade as a victim user, to carry out any actions in the context of the user. | MEDIUM | Apr 12, 2021 | n/a |
CVE-2021-25925 | In SiCKRAGE, versions 4.2.0 to 10.0.11.dev1 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly when processed by the server. Therefore, an attacker can inject arbitrary JavaScript code inside the application, and possibly steal a user’s sensitive information. | LOW | Apr 12, 2021 | n/a |
CVE-2021-25924 | In GoCD, versions 19.6.0 to 21.1.0 are vulnerable to Cross-Site Request Forgery due to missing CSRF protection at the `/go/api/config/backup` endpoint. An attacker can trick a victim to click on a malicious link which could change backup configurations or execute system commands in the post_backup_script field. | HIGH | Apr 1, 2021 | n/a |
CVE-2021-25923 | In OpenEMR, versions 5.0.0 to 6.0.0.1 are vulnerable to weak password requirements as it does not enforce a maximum password length limit. If a malicious user is aware of the first 72 characters of the victim user’s password, he can leverage it to an account takeover. | MEDIUM | Jun 24, 2021 | n/a |
CVE-2021-25922 | In OpenEMR, versions 4.2.0 to 6.0.0 are vulnerable to Reflected Cross-Site-Scripting (XSS) due to user input not being validated properly. An attacker could trick a user to click on a malicious url and execute malicious code. | MEDIUM | Mar 24, 2021 | n/a |
CVE-2021-25921 | In OpenEMR, versions 2.7.3-rc1 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly in the `Allergies` section. An attacker could lure an admin to enter a malicious payload and by that initiate the exploit. | LOW | Mar 24, 2021 | n/a |
CVE-2021-25920 | In OpenEMR, versions v2.7.2-rc1 to 6.0.0 are vulnerable to Improper Access Control when creating a new user, which leads to a malicious user able to read and send sensitive messages on behalf of the victim user. | MEDIUM | Mar 24, 2021 | n/a |
CVE-2021-25919 | In OpenEMR, versions 5.0.2 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly. A highly privileged attacker could inject arbitrary code into input fields when creating a new user. | LOW | Mar 24, 2021 | n/a |
CVE-2021-25918 | In OpenEMR, versions 5.0.2 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly and rendered in the TOTP Authentication method page. A highly privileged attacker could inject arbitrary code into input fields when creating a new user. | LOW | Mar 25, 2021 | n/a |
CVE-2021-25917 | In OpenEMR, versions 5.0.2 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly and rendered in the U2F USB Device authentication method page. A highly privileged attacker could inject arbitrary code into input fields when creating a new user. | LOW | Mar 25, 2021 | n/a |
CVE-2021-25916 | Prototype pollution vulnerability in 'patchmerge' versions 1.0.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution. | HIGH | Mar 16, 2021 | n/a |
CVE-2021-25915 | Prototype pollution vulnerability in 'changeset' versions 0.0.1 through 0.2.5 allows an attacker to cause a denial of service and may lead to remote code execution. | HIGH | Mar 9, 2021 | n/a |
CVE-2021-25914 | Prototype pollution vulnerability in 'object-collider' versions 1.0.0 through 1.0.3 allows an attacker to cause a denial of service and may lead to remote code execution. | HIGH | Mar 5, 2021 | n/a |