Vulnerabilities > Exceedone

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-18	CVE-2024-46897	Incorrect Permission Assignment for Critical Resource vulnerability in Exceedone Exment Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. network low complexity exceedone CWE-732	3.8
2024-10-18	CVE-2024-47793	Cross-site Scripting vulnerability in Exceedone Exment Stored cross-site scripting vulnerability exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. network low complexity exceedone CWE-79	5.4
2022-08-24	CVE-2022-37333	SQL Injection vulnerability in Exceedone Exment SQL injection vulnerability in the Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier) allows remote authenticated attackers to execute arbitrary SQL commands. network low complexity exceedone CWE-89	8.8
2022-08-24	CVE-2022-38080	Cross-site Scripting vulnerability in Exceedone Exment Reflected cross-site scripting vulnerability in Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier) allows a remote authenticated attacker to inject an arbitrary script. network low complexity exceedone CWE-79	5.4
2022-08-24	CVE-2022-38089	Cross-site Scripting vulnerability in Exceedone Exment Stored cross-site scripting vulnerability in Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier) allows a remote authenticated attacker to inject an arbitrary script. network low complexity exceedone CWE-79	5.4
2020-08-25	CVE-2020-5620	Cross-site Scripting vulnerability in Exceedone Exment Cross-site scripting vulnerability in Exment prior to v3.6.0 allows remote authenticated attackers to inject arbitrary script or HTML via a specially crafted file. network low complexity exceedone CWE-79	5.4
2020-08-25	CVE-2020-5619	Cross-site Scripting vulnerability in Exceedone Exment Cross-site scripting vulnerability in Exment prior to v3.6.0 allows remote authenticated attackers to inject arbitrary script or HTML via unspecified vectors. network low complexity exceedone CWE-79	5.4

Vulnerabilities > Exceedone {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Exceedone"}]}

Vulnerabilities > Exceedone