Vulnerabilities > Froxlor

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-09	CVE-2020-10236	Improper Input Validation vulnerability in Froxlor An issue was discovered in Froxlor before 0.10.14. local low complexity froxlor CWE-20	3.6
2020-03-09	CVE-2020-10235	Improper Input Validation vulnerability in Froxlor An issue was discovered in Froxlor before 0.10.14. network low complexity froxlor CWE-20	6.5
2018-06-26	CVE-2018-1000527	Deserialization of Untrusted Data vulnerability in Froxlor Froxlor version <= 0.9.39.5 contains a PHP Object Injection vulnerability in Domain name form that can result in Possible information disclosure and remote code execution. network low complexity froxlor CWE-502	6.5
2018-06-22	CVE-2018-12642	Incorrect Permission Assignment for Critical Resource vulnerability in Froxlor Froxlor through 0.9.39.5 has Incorrect Access Control for tickets not owned by the current user. network low complexity froxlor CWE-732	5.0
2017-09-06	CVE-2015-5959	Information Exposure vulnerability in Froxlor Froxlor before 0.9.33.2 with the default configuration/setup might allow remote attackers to obtain the database password by reading /logs/sql-error.log. network low complexity froxlor CWE-200	5.0
2017-02-13	CVE-2016-5100	Use of Insufficiently Random Values vulnerability in Froxlor Froxlor before 0.9.35 uses the PHP rand function for random number generation, which makes it easier for remote attackers to guess the password reset token by predicting a value. network low complexity froxlor CWE-330	5.0

Vulnerabilities > Froxlor {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Froxlor"}]}