Vulnerabilities > Ovidentia

DATE CVE VULNERABILITY TITLE RISK
2022-02-17 CVE-2022-22914 Path Traversal vulnerability in Ovidentia 6.0.0
An incorrect access control issue in the component FileManager of Ovidentia CMS 6.0 allows authenticated attackers to view and download content in the upload directory via path traversal.
network
low complexity
ovidentia CWE-22
7.5
2021-03-30 CVE-2021-29343 SQL Injection vulnerability in Ovidentia
Ovidentia CMS 6.x contains a SQL injection vulnerability in the "id" parameter of index.php.
network
low complexity
ovidentia CWE-89
5.4
2019-07-19 CVE-2019-13978 SQL Injection vulnerability in Ovidentia 8.4.3
Ovidentia 8.4.3 has SQL Injection via the id parameter in an index.php?tg=delegat&idx=mem request.
network
low complexity
ovidentia CWE-89
8.8
2019-07-19 CVE-2019-13977 Cross-site Scripting vulnerability in Ovidentia 8.4.3
index.php in Ovidentia 8.4.3 has XSS via tg=groups, tg=maildoms&idx=create&userid=0&bgrp=y, tg=delegat, tg=site&idx=create, tg=site&item=4, tg=admdir&idx=mdb&id=1, tg=notes&idx=Create, tg=admfaqs&idx=Add, or tg=admoc&idx=addoc&item=.
network
low complexity
ovidentia CWE-79
5.4
2018-07-09 CVE-2018-1000619 Unrestricted Upload of File with Dangerous Type vulnerability in Ovidentia
Ovidentia version 8.4.3 and earlier contains an Unsanitized User Input vulnerability in utilit.php, bab_getAddonFilePathfromTg that can result in Authenticated Remote Code Execution.
network
low complexity
ovidentia CWE-434
8.8