Vulnerabilities > Bumsys Project

DATE CVE VULNERABILITY TITLE RISK
2023-05-22 CVE-2023-2832 SQL Injection vulnerability in Bumsys Project Bumsys
SQL Injection in GitHub repository unilogies/bumsys prior to 2.2.0.
network
low complexity
bumsys-project CWE-89
7.2
7.2
2023-05-05 CVE-2023-2551 Inclusion of Functionality from Untrusted Control Sphere vulnerability in Bumsys Project Bumsys
PHP Remote File Inclusion in GitHub repository unilogies/bumsys prior to 2.1.1.
network
low complexity
bumsys-project CWE-829
8.8
8.8
2023-05-05 CVE-2023-2552 Cross-Site Request Forgery (CSRF) vulnerability in Bumsys Project Bumsys
Cross-Site Request Forgery (CSRF) in GitHub repository unilogies/bumsys prior to 2.1.1.
network
low complexity
bumsys-project CWE-352
8.8
8.8
2023-05-05 CVE-2023-2553 Cross-site Scripting vulnerability in Bumsys Project Bumsys
Cross-site Scripting (XSS) - Stored in GitHub repository unilogies/bumsys prior to 2.2.0.
network
low complexity
bumsys-project CWE-79
5.4
5.4
2023-05-05 CVE-2023-2554 External Control of File Name or Path vulnerability in Bumsys Project Bumsys
External Control of File Name or Path in GitHub repository unilogies/bumsys prior to 2.2.0.
network
low complexity
bumsys-project CWE-73
7.2
7.2
2023-03-13 CVE-2023-1361 SQL Injection vulnerability in Bumsys Project Bumsys
SQL Injection in GitHub repository unilogies/bumsys prior to v2.0.2.
network
low complexity
bumsys-project CWE-89
6.5
6.5
2023-03-13 CVE-2023-1362 Improper Restriction of Rendered UI Layers or Frames vulnerability in Bumsys Project Bumsys
Improper Restriction of Rendered UI Layers or Frames in GitHub repository unilogies/bumsys prior to v2.0.2.
network
low complexity
bumsys-project CWE-1021
6.1
6.1
2023-01-26 CVE-2023-0455 Unrestricted Upload of File with Dangerous Type vulnerability in Bumsys Project Bumsys 1.0.0/1.0.1/1.0.2
Unrestricted Upload of File with Dangerous Type in GitHub repository unilogies/bumsys prior to v1.0.3-beta.
network
low complexity
bumsys-project CWE-434
8.8
8.8