Burden Project Burden vulnerabilities
2 known vulnerabilities affecting burden_project/burden.
Total CVEs: 2
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 1, MEDIUM 1
Vulnerabilities
CVE-2013-7137 | P2 | CRITICAL | CVSS 9.8 | CWE-287 | PoC | fixed in 1.8.1 | 2014-01-26
The "remember me" functionality in login.php in Burden before 1.8.1 allows remote attackers to bypass authentication and gain privileges by setting the burden_user_rememberme cookie to 1.
nvd
CVE-2022-24589 | P4 | MEDIUM | CVSS 6.1 | CWE-79 | v3.0 | 2022-02-15
Burden v3.0 was discovered to contain a stored cross-site scripting (XSS) in the Add Category function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the task parameter.
nvd