cbcvebase.

Hive Support vulnerabilities

9 known vulnerabilities affecting hive_support/hive_support.

Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3MEDIUM5

Vulnerabilities

Page 1 of 1
CVE-2024-52370P2CRITICALCVSS 9.9≤ 1.1.12024-11-14
CVE-2024-52370 [CRITICAL] CWE-434 CVE-2024-52370: Unrestricted Upload of File with Dangerous Type vulnerability in Hive Support Hive Support hive-supp Unrestricted Upload of File with Dangerous Type vulnerability in Hive Support Hive Support hive-support allows Upload a Web Shell to a Web Server.This issue affects Hive Support: from n/a through <= 1.1.1.
nvd
CVE-2024-54304P3HIGHCVSS 8.5≤ 1.1.22024-12-13
CVE-2024-54304 [HIGH] CWE-89 CVE-2024-54304: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hive Support Hive Support hive-support allows SQL Injection.This issue affects Hive Support: from n/a through <= 1.1.2.
nvd
CVE-2025-32635P3HIGHCVSS 7.5≤ 1.2.62025-04-17
CVE-2025-32635 [HIGH] CWE-201 CVE-2025-32635: Insertion of Sensitive Information Into Sent Data vulnerability in Hive Support Hive Support hive-su Insertion of Sensitive Information Into Sent Data vulnerability in Hive Support Hive Support hive-support allows Retrieve Embedded Sensitive Data.This issue affects Hive Support: from n/a through <= 1.2.6.
nvd
CVE-2025-32242P4MEDIUMCVSS 6.5≤ 1.2.52025-04-10
CVE-2025-32242 [MEDIUM] CWE-862 CVE-2025-32242: Missing Authorization vulnerability in Hive Support Hive Support hive-support allows Accessing Funct Missing Authorization vulnerability in Hive Support Hive Support hive-support allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Hive Support: from n/a through <= 1.2.5.
nvd
CVE-2025-32208P4MEDIUMCVSS 6.5≤ 1.2.52025-04-10
CVE-2025-32208 [MEDIUM] CWE-862 CVE-2025-32208: Missing Authorization vulnerability in Hive Support Hive Support hive-support allows Exploiting Inco Missing Authorization vulnerability in Hive Support Hive Support hive-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hive Support: from n/a through <= 1.2.5.
nvd
CVE-2025-32214P4MEDIUMCVSS 6.5≤ 1.2.112025-04-10
CVE-2025-32214 [MEDIUM] CWE-79 CVE-2025-32214: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hive Support Hive Support hive-support allows Stored XSS.This issue affects Hive Support: from n/a through <= 1.2.11.
nvd
CVE-2025-32666P4HIGHCVSS 7.1≤ 1.2.52025-04-17
CVE-2025-32666 [HIGH] CWE-79 CVE-2025-32666: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hive Support Hive Support hive-support allows Reflected XSS.This issue affects Hive Support: from n/a through <= 1.2.5.
nvd
CVE-2025-22298P4MEDIUMCVSS 4.3≤ 1.1.62025-01-07
CVE-2025-22298 [MEDIUM] CWE-862 CVE-2025-22298: Missing Authorization vulnerability in Hive Support Hive Support hive-support allows Exploiting Inco Missing Authorization vulnerability in Hive Support Hive Support hive-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hive Support: from n/a through <= 1.1.6.
nvd
CVE-2024-54321P4MEDIUMCVSS 4.3≤ 1.1.22024-12-13
CVE-2024-54321 [MEDIUM] CWE-352 CVE-2024-54321: Cross-Site Request Forgery (CSRF) vulnerability in Hive Support Hive Support hive-support allows Cro Cross-Site Request Forgery (CSRF) vulnerability in Hive Support Hive Support hive-support allows Cross Site Request Forgery.This issue affects Hive Support: from n/a through <= 1.1.2.
nvd
Hive Support vulnerabilities | cvebase