Vulnerabilities > Humhub

DATE CVE VULNERABILITY TITLE RISK
2024-11-06 CVE-2024-52043 Information Exposure Through an Error Message vulnerability in Humhub
Generation of Error Message Containing Sensitive Information in HumHub GmbH & Co.
network
low complexity
humhub CWE-209
5.3
2022-07-07 CVE-2022-31133 Cross-site Scripting vulnerability in Humhub
HumHub is an Open Source Enterprise Social Network.
network
humhub CWE-79
3.5
2022-06-09 CVE-2017-20026 Cross-site Scripting vulnerability in Humhub
A vulnerability has been found in HumHub up to 1.0.1 and classified as problematic.
network
humhub CWE-79
4.3
2022-06-09 CVE-2017-20027 Cross-site Scripting vulnerability in Humhub
A vulnerability was found in HumHub up to 1.0.1 and classified as problematic.
network
humhub CWE-79
4.3
2022-06-09 CVE-2017-20028 Improper Privilege Management vulnerability in Humhub 0.20.1/1.0.0
A vulnerability was found in HumHub 0.20.1/1.0.0-beta.3.
network
low complexity
humhub CWE-269
7.5
2022-04-20 CVE-2022-24865 Incorrect Authorization vulnerability in Humhub
HumHub is an Open Source Enterprise Social Network.
network
low complexity
humhub CWE-863
4.0
2021-12-20 CVE-2021-43847 Missing Authorization vulnerability in Humhub
HumHub is an open-source social network kit written in PHP.
network
low complexity
humhub CWE-862
4.0
2019-07-29 CVE-2019-12743 Information Exposure vulnerability in Humhub Social Network KIT 1.3.13
HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts existing on any Social Network Kits (including self-hosted ones) by brute-forcing the username after the /u/ initial URI substring, aka Response Discrepancy Information Exposure.
network
low complexity
humhub CWE-200
5.0
2019-05-08 CVE-2019-11564 Cross-site Scripting vulnerability in Humhub 1.3.12
A cross-site scripting (XSS) vulnerability in HumHub 1.3.12 allows remote attackers to inject arbitrary web script or HTML via a /protected/vendor/codeception/codeception/tests/data/app/view/index.php POST request.
network
humhub CWE-79
4.3
2019-03-21 CVE-2019-9094 Cross-site Scripting vulnerability in Humhub 1.3.10
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in /s/adada/cfiles/upload in Humhub 1.3.10 Community Edition.
network
humhub CWE-79
4.3