Vulnerabilities > Nbnbk Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-12-23	CVE-2022-46492	Path Traversal vulnerability in Nbnbk Project Nbnbk nbnbk commit 879858451d53261d10f77d4709aee2d01c72c301 was discovered to contain an arbitrary file read vulnerability via the component /api/Index/getFileBinary. network low complexity nbnbk-project CWE-22	6.5
2022-12-22	CVE-2022-46491	Cross-Site Request Forgery (CSRF) vulnerability in Nbnbk Project Nbnbk A Cross-Site Request Forgery (CSRF) vulnerability in the Add Administrator function of the default version of nbnbk allows attackers to arbitrarily add Administrator accounts. network low complexity nbnbk-project CWE-352	6.5
2022-12-22	CVE-2022-46493	Unrestricted Upload of File with Dangerous Type vulnerability in Nbnbk Project Nbnbk Default version of nbnbk was discovered to contain an arbitrary file upload vulnerability via the component /api/User/download_img. network low complexity nbnbk-project CWE-434 critical	9.8
2022-06-09	CVE-2022-31386	Server-Side Request Forgery (SSRF) vulnerability in Nbnbk Project Nbnbk 3 A Server-Side Request Forgery (SSRF) in the getFileBinary function of nbnbk cms 3 allows attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the URL parameter. network low complexity nbnbk-project CWE-918 critical	9.1

Vulnerabilities > Nbnbk Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Nbnbk Project"}]}