Directus Exposure

CMS
Exposure score: 15
Sites using it: 15
Under exploitation: 0
Critical: 1

CVEs

57 results
CVE-2025-30351 | LOW | Suspended Directus user can continue to use session token to access API | EPSS 0.3%
CVE-2024-47822 | MEDIUM | Directus inserts access token from query string into logs | EPSS 0.3%
CVE-2023-28443 | MEDIUM | directus vulnerable to Insertion of Sensitive Information into Log File | EPSS 0.3%
CVE-2026-35412 | HIGH | Directus has a TUS Upload Authorization Bypass Allows Arbitrary File Overwrite | EPSS 0.3%
CVE-2025-64749 | MEDIUM | Directus Vulnerable to Information Leakage in Existing Collections | EPSS 0.3%
CVE-2026-35410 | MEDIUM | Directus has an Open Redirect via Parser Bypass in OAuth2/SAML Authentication Flow | EPSS 0.3%
CVE-2026-35411 | MEDIUM | Directus is an Open Redirect in Admin 2FA Setup Page | EPSS 0.3%
CVE-2024-28238 | LOW | Session Token in URL in directus | EPSS 0.2%
CVE-2025-64748 | MEDIUM | Directus's conceal fields are searchable if read permissions enabled | EPSS 0.2%
CVE-2025-27089 | MEDIUM | Overlapping policies allow update to non-allowed fields in directus | EPSS 0.2%
CVE-2025-64747 | MEDIUM | Directus Vulnerable to Stored Cross-site Scripting | EPSS 0.2%
CVE-2026-39942 | HIGH | Directus has a Path Traversal and Broken Access Control in File Management API | EPSS 0.2%
CVE-2026-22032 | MEDIUM | Directus has open redirect in SAML | EPSS 0.2%
CVE-2026-39943 | MEDIUM | Directus exposes sensitive fields in revision history | EPSS 0.2%
CVE-2025-53885 | MEDIUM | Directus doesn't redact sensitive user data when logging via event hooks | EPSS 0.2%
CVE-2026-35408 | HIGH | Directus is Missing Cross-Origin Opener Policy | EPSS 0.2%
CVE-2025-64746 | MEDIUM | Directus has Improper Permission Handling on Deleted Fields | EPSS 0.2%