Adive Framework vulnerabilities
5 known vulnerabilities affecting adive/framework.
Total CVEs
5
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2020-7991P3HIGHCVSS 8.8PoCv2.0.82020-01-26
CVE-2020-7991 [HIGH] CWE-352 CVE-2020-7991: Adive Framework 2.0.8 has admin/config CSRF to change the Administrator password.
Adive Framework 2.0.8 has admin/config CSRF to change the Administrator password.
nvd
CVE-2024-4337P4HIGHCVSS 7.4v2.0.82024-04-30
CVE-2024-4337 [HIGH] CWE-79 CVE-2024-4337: Adive Framework 2.0.8, does not sufficiently encode user-controlled inputs, resulting in a persisten
Adive Framework 2.0.8, does not sufficiently encode user-controlled inputs, resulting in a persistent Cross-Site Scripting (XSS) vulnerability via the /adive/admin/nav/add, in multiple parameters. This vulnerability allows an attacker to retrieve the session details of an authenticated user.
nvd
CVE-2024-4336P4HIGHCVSS 7.4v2.0.82024-04-30
CVE-2024-4336 [HIGH] CWE-79 CVE-2024-4336: Adive Framework 2.0.8, does not sufficiently encode user-controlled inputs, resulting in a persisten
Adive Framework 2.0.8, does not sufficiently encode user-controlled inputs, resulting in a persistent Cross-Site Scripting (XSS) vulnerability via the /adive/admin/tables/add, in multiple parameters. An attacker could retrieve the session details of an authenticated user.
nvd
CVE-2020-7990P4MEDIUMCVSS 6.1v2.0.82020-01-26
CVE-2020-7990 [MEDIUM] CWE-79 CVE-2020-7990: Adive Framework 2.0.8 has admin/user/add userName XSS.
Adive Framework 2.0.8 has admin/user/add userName XSS.
nvd
CVE-2020-7989P4MEDIUMCVSS 6.1v2.0.82020-01-26
CVE-2020-7989 [MEDIUM] CWE-79 CVE-2020-7989: Adive Framework 2.0.8 has admin/user/add userUsername XSS.
Adive Framework 2.0.8 has admin/user/add userUsername XSS.
nvd