Vulnerabilities > Travianz Project

DATE	CVE	VULNERABILITY TITLE	RISK
2023-07-07	CVE-2023-36992	Code Injection vulnerability in Travianz Project Travianz 8.3.3/8.3.4 PHP injection in TravianZ 8.3.4 and 8.3.3 in the config editor in the admin page allows remote attackers to execute PHP code. network low complexity travianz-project CWE-94	7.2
2023-07-07	CVE-2023-36993	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Travianz Project Travianz 8.3.3/8.3.4 The cryptographically insecure random number generator being used in TravianZ 8.3.4 and 8.3.3 in the password reset function allows an attacker to guess the password reset.parameters and to take over accounts. network low complexity travianz-project CWE-338 critical	9.8
2023-07-07	CVE-2023-36994	Incorrect Authorization vulnerability in Travianz Project Travianz 8.3.3/8.3.4 In TravianZ 8.3.4 and 8.3.3, Incorrect Access Control in the installation script allows an attacker to overwrite the server configuration and inject PHP code. network low complexity travianz-project CWE-863 critical	9.8
2023-07-06	CVE-2023-36995	Cross-site Scripting vulnerability in Travianz Project Travianz 8.3.3/8.3.4 TravianZ through 8.3.4 allows XSS via the Alliance tag/name, the statistics page, the link preferences, the Admin Logs, or the COOKUSR cookie. network low complexity travianz-project CWE-79	6.1

Vulnerabilities > Travianz Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Travianz Project"}]}