Vulnerabilities > Craterapp

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-30	CVE-2023-46865	Code Injection vulnerability in Craterapp Crater /api/v1/company/upload-logo in CompanyController.php in crater through 6.0.6 allows a superadmin to execute arbitrary PHP code by placing this code into an image/png IDAT chunk of a Company Logo image. network low complexity craterapp CWE-94	7.2
2022-03-29	CVE-2022-1032	Deserialization of Untrusted Data vulnerability in Craterapp Crater Insecure deserialization of not validated module file in GitHub repository crater-invoice/crater prior to 6.0.6. network low complexity craterapp CWE-502	7.2
2022-03-23	CVE-2022-1033	Unrestricted Upload of File with Dangerous Type vulnerability in Craterapp Crater Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior to 6.0.6. local low complexity craterapp CWE-434	7.8
2022-03-21	CVE-2022-0514	Unspecified vulnerability in Craterapp Crater Business Logic Errors in GitHub repository crater-invoice/crater prior to 6.0.5. network low complexity craterapp	6.5
2022-03-21	CVE-2022-0515	Cross-Site Request Forgery (CSRF) vulnerability in Craterapp Crater Cross-Site Request Forgery (CSRF) in GitHub repository crater-invoice/crater prior to 6.0.4. network low complexity craterapp CWE-352	4.3
2022-01-27	CVE-2022-0372	Cross-site Scripting vulnerability in Craterapp Crater Cross-site Scripting (XSS) - Stored in Packagist bytefury/crater prior to 6.0.2. network low complexity craterapp CWE-79	5.4
2022-01-26	CVE-2022-0203	Missing Authorization vulnerability in Craterapp Crater Improper Access Control in GitHub repository crater-invoice/crater prior to 6.0.2. network low complexity craterapp CWE-862	5.3
2022-01-17	CVE-2022-0242	Unrestricted Upload of File with Dangerous Type vulnerability in Craterapp Crater Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior to 6.0. network low complexity craterapp CWE-434	7.2
2022-01-12	CVE-2021-4080	Unrestricted Upload of File with Dangerous Type vulnerability in Craterapp Crater crater is vulnerable to Unrestricted Upload of File with Dangerous Type network low complexity craterapp CWE-434	8.8

Vulnerabilities > Craterapp {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Craterapp"}]}

Vulnerabilities > Craterapp