Vulnerabilities > Humhub

DATE	CVE	VULNERABILITY TITLE	RISK
2016-06-05	CVE-2016-1229	Cross-site Scripting vulnerability in Humhub 0.20.0/0.20.1/1.0.0 Cross-site scripting (XSS) vulnerability in HumHub 0.20.0-beta.1 through 0.20.1 and 1.0.0-beta before 1.0.0-beta.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. network humhub CWE-79	3.5
2015-01-06	CVE-2014-9528	SQL Injection vulnerability in Humhub 0.10.0 SQL injection vulnerability in the actionIndex function in protected/modules_core/notification/controllers/ListController.php in HumHub 0.10.0-rc.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the from parameter to index.php. network low complexity humhub CWE-89	7.5

Vulnerabilities > Humhub {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Humhub"}]}