Vulnerabilities > Trovebox

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-26	CVE-2018-1000554	Weak Password Recovery Mechanism for Forgotten Password vulnerability in Trovebox Trovebox version <= 4.0.0-rc6 contains a Unsafe password reset token generation vulnerability in user component that can result in Password reset. network low complexity trovebox CWE-640 critical	9.8
2018-06-26	CVE-2018-1000553	Server-Side Request Forgery (SSRF) vulnerability in Trovebox Trovebox version <= 4.0.0-rc6 contains a Server-Side request forgery vulnerability in webhook component that can result in read or update internal resources. network low complexity trovebox CWE-918	8.8
2018-06-26	CVE-2018-1000552	SQL Injection vulnerability in Trovebox Trovebox version <= 4.0.0-rc6 contains a SQL Injection vulnerability in album component that can result in SQL code injection. network low complexity trovebox CWE-89	8.8
2018-06-26	CVE-2018-1000551	Unspecified vulnerability in Trovebox Trovebox version <= 4.0.0-rc6 contains a PHP Type juggling vulnerability in album view component that can result in Authentication bypass. network low complexity trovebox	8.8

Vulnerabilities > Trovebox {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Trovebox"}]}