Vulnerabilidades en louislam
11 resultadosCVE-2024-56331MEDIUMLocal File Inclusion (LFI) via Improper URL Handling in uptime-kuma's `Real-Browser` monitorEPSS 1.8%CVE-2023-36821HIGHUptime Kuma vulnerable to authenticated remote code execution via malicious plugin installationEPSS 1.7%CVE-2023-36822MEDIUMUptime Kuma authenticated path traversal via plugin repository name may lead to unavailability or data lossEPSS 1.0%CVE-2026-32230MEDIUMUptime Kuma is Missing Authorization Checks on Ping Badge Endpoint, Leaks Ping times of monitors without needing to be on a status pageEPSS 0.9%CVE-2023-49276MEDIUMAttribute Injection leading to XSS(Cross-Site-Scripting) in uptime-kumaEPSS 0.5%CVE-2023-25811MEDIUMPersistent Cross site scripting (XSS) in Uptime KumaEPSS 0.5%CVE-2023-25810MEDIUMPersistent Cross site scripting (XSS) through description in status page in Uptime KumaEPSS 0.4%CVE-2023-49805MEDIUMUptime Kuma Missing Origin Validation in WebSocketsEPSS 0.4%CVE-2026-33130MEDIUMUptime Kuma: SSTI in Notification Templates Allows Arbitrary File Read (Incomplete Fix for GHSA-vffh-c9pq-4crh)EPSS 0.3%CVE-2023-44400MEDIUMUptime Kuma has Persistentent User Sessions EPSS 0.3%CVE-2023-49804MEDIUMUptime Kuma Password Change VulnerabilityEPSS 0.3%