Vulnerabilities > Doorgets

DATE CVE VULNERABILITY TITLE RISK
2019-04-30 CVE-2019-11626 Pathname Traversal and Equivalence Errors vulnerability in Doorgets CMS 7.0
routers/ajaxRouter.php in doorGets 7.0 has a web site physical path leakage vulnerability, as demonstrated by an ajax/index.php?uri=1234%5c request.
network
low complexity
doorgets CWE-21
5.3
2019-04-30 CVE-2019-11625 SQL Injection vulnerability in Doorgets CMS 7.0
doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/emailingRequest.php.
network
low complexity
doorgets CWE-89
4.9
2019-04-30 CVE-2019-11624 Path Traversal vulnerability in Doorgets CMS 7.0
doorGets 7.0 has an arbitrary file deletion vulnerability in /doorgets/app/requests/user/configurationRequest.php.
network
low complexity
doorgets CWE-22
4.9
2019-04-30 CVE-2019-11623 SQL Injection vulnerability in Doorgets CMS 7.0
doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=siteweb.
network
low complexity
doorgets CWE-89
4.9
2019-04-30 CVE-2019-11622 SQL Injection vulnerability in Doorgets CMS 7.0
doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/modulecategoryRequest.php.
network
low complexity
doorgets CWE-89
4.9
2019-04-30 CVE-2019-11621 SQL Injection vulnerability in Doorgets CMS 7.0
doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=network.
network
low complexity
doorgets CWE-89
4.9
2019-04-30 CVE-2019-11620 SQL Injection vulnerability in Doorgets CMS 7.0
doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/modulecategoryRequest.php.
network
low complexity
doorgets CWE-89
4.9
2019-04-30 CVE-2019-11619 SQL Injection vulnerability in Doorgets CMS 7.0
doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=analytics.
network
low complexity
doorgets CWE-89
4.9
2019-04-30 CVE-2019-11618 Insecure Default Initialization of Resource vulnerability in Doorgets CMS 7.0
doorGets 7.0 has a default administrator credential vulnerability.
network
low complexity
doorgets CWE-1188
critical
9.8
2019-04-30 CVE-2019-11617 Cross-Site Request Forgery (CSRF) vulnerability in Doorgets CMS 7.0
doorGets 7.0 has a CSRF vulnerability in /doorgets/app/requests/user/configurationRequest.php.
network
low complexity
doorgets CWE-352
8.8