Vulnerabilities > Chevereto

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-30	CVE-2021-31721	Cross-site Scripting vulnerability in Chevereto Chevereto before 3.17.1 allows Cross Site Scripting (XSS) via an image title at the image upload stage. network chevereto CWE-79	4.3
2018-06-15	CVE-2018-12030	Cross-site Scripting vulnerability in Chevereto Chevereto Free before 1.0.13 has XSS. network chevereto CWE-79	3.5
2017-07-17	CVE-2017-1000058	Cross-site Scripting vulnerability in Chevereto Stored XSS vulnerabilities in chevereto CMS before version 3.8.11, one in the user profile and one in the Exif data parser. network chevereto CWE-79	4.3
2012-05-21	CVE-2012-2919	Path Traversal vulnerability in Chevereto 1.91 Directory traversal vulnerability in Upload/engine.php in Chevereto 1.9.1 allows remote attackers to determine the existence of arbitrary files via a .. network low complexity chevereto CWE-22	5.0
2012-05-21	CVE-2012-2918	Cross-Site Scripting vulnerability in Chevereto 1.91 Cross-site scripting (XSS) vulnerability in Upload/engine.php in Chevereto 1.91 allows remote attackers to inject arbitrary web script or HTML via the v parameter. network chevereto CWE-79	4.3

Vulnerabilities > Chevereto {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Chevereto"}]}