Vulnerabilities > Lavalite > High

DATE CVE VULNERABILITY TITLE RISK
2023-08-01 CVE-2023-36983 Unspecified vulnerability in Lavalite 9.0.0
LavaLite CMS v 9.0.0 is vulnerable to Sensitive Data Exposure.
network
low complexity
lavalite
7.5
7.5
2023-08-01 CVE-2023-36984 Unspecified vulnerability in Lavalite 9.0.0
LavaLite CMS v 9.0.0 is vulnerable to Sensitive Data Exposure.
network
low complexity
lavalite
7.5
7.5
2022-10-18 CVE-2022-42188 Path Traversal vulnerability in Lavalite 9.0.0
In Lavalite 9.0.0, the XSRF-TOKEN cookie is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server.
network
low complexity
lavalite CWE-22
7.5
7.5