Vulnerabilities > Corebos

DATE CVE VULNERABILITY TITLE RISK
2023-11-17 CVE-2023-48029 Improper Neutralization of Formula Elements in a CSV File vulnerability in Corebos 5.4/5.5/7.0
Corebos 8.0 and below is vulnerable to CSV Injection.
network
low complexity
corebos CWE-1236
8.0
2023-06-02 CVE-2023-3073 Unspecified vulnerability in Corebos 5.4/5.5/7.0
Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8 via evvtgendoc.
network
low complexity
corebos
5.4
2023-06-02 CVE-2023-3074 Unspecified vulnerability in Corebos 5.4/5.5/7.0
Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8.
network
low complexity
corebos
5.4
2023-06-02 CVE-2023-3075 Unspecified vulnerability in Corebos 5.4/5.5/7.0
Cross-Site Request Forgery (CSRF) in GitHub repository tsolucio/corebos prior to 8.
network
low complexity
corebos
6.5
2023-06-02 CVE-2023-3069 Improper Authentication vulnerability in Corebos 5.4/5.5/7.0
Unverified Password Change in GitHub repository tsolucio/corebos prior to 8.
network
low complexity
corebos CWE-287
critical
9.8
2023-06-02 CVE-2023-3070 Unspecified vulnerability in Corebos 5.4/5.5/7.0
Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8.
network
low complexity
corebos
5.4
2023-03-21 CVE-2023-1527 Unspecified vulnerability in Corebos 5.4/5.5/7.0
Cross-site Scripting (XSS) - Generic in GitHub repository tsolucio/corebos prior to 8.0.
network
low complexity
corebos
5.4
2022-12-13 CVE-2022-4446 Incorrect Resource Transfer Between Spheres vulnerability in Corebos 5.4/5.5/7.0
PHP Remote File Inclusion in GitHub repository tsolucio/corebos prior to 8.0.
network
low complexity
corebos CWE-669
critical
9.8
2018-06-26 CVE-2018-1000547 Incorrect Permission Assignment for Critical Resource vulnerability in Corebos 5.4/5.5/7.0
coreBOS version 7.0 and earlier contains a Incorrect Access Control vulnerability in Module: Contacts that can result in The error allows you to access records that you have no permissions to.
network
low complexity
corebos CWE-732
5.3