Vulnerabilities > Humhub
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-21 | CVE-2019-9093 | Cross-site Scripting vulnerability in Humhub 1.3.10 A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in file/file/upload in Humhub 1.3.10 Community Edition. | 4.3 |
2016-06-05 | CVE-2016-1229 | Cross-site Scripting vulnerability in Humhub 0.20.0/0.20.1/1.0.0 Cross-site scripting (XSS) vulnerability in HumHub 0.20.0-beta.1 through 0.20.1 and 1.0.0-beta before 1.0.0-beta.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2015-01-06 | CVE-2014-9528 | SQL Injection vulnerability in Humhub 0.10.0 SQL injection vulnerability in the actionIndex function in protected/modules_core/notification/controllers/ListController.php in HumHub 0.10.0-rc.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the from parameter to index.php. | 7.5 |