Vulnerabilidades em kiwitcms
11 resultadosCVE-2023-30628HIGHKiwi TCMS has command injection vulnerability in changelog.yml CI workflowEPSS 3.6%CVE-2023-30613HIGHKiwi TCMS unrestricted file upload vulnerabilityEPSS 1.0%CVE-2023-25171HIGHKiwi TCMS has denial of service vulnerability on Password reset pageEPSS 0.9%CVE-2023-25156HIGHKiwi TCMS has no protection against brute-force attacks on login pageEPSS 0.9%CVE-2023-33977HIGHStored cross site scripting (XSS) via unrestricted file upload in Kiwi TCMSEPSS 0.9%CVE-2023-22451MEDIUMWeak password requirements in Kiwi TCMSEPSS 0.7%CVE-2023-36809HIGHKiwi TCMS's misconfigured HTTP headers allow stored XSS execution with FirefoxEPSS 0.6%CVE-2023-27489HIGHStored cross site scripting via SVG file upload in Kiwi TCMSEPSS 0.5%CVE-2022-4105HIGHCross-site Scripting (XSS) - Stored in kiwitcms/kiwiEPSS 0.5%CVE-2023-32686HIGHkiwitcms vulnerable to stored XSS via unrestricted files uploadEPSS 0.4%CVE-2023-30544LOWKiwi TCMS may allow user to update email address to unverified oneEPSS 0.4%