National Keep Cyber Security Services Cybermath vulnerabilities
6 known vulnerabilities affecting national_keep_cyber_security_services/cybermath.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2023-6675P2CRITICALCVSS 9.8≥ v1.4, < v1.52024-02-02
CVE-2023-6675 [CRITICAL] CWE-434 CVE-2023-6675: Unrestricted Upload of File with Dangerous Type vulnerability in National Keep Cyber Security Servic
Unrestricted Upload of File with Dangerous Type vulnerability in National Keep Cyber Security Services CyberMath allows Upload a Web Shell to a Web Server.
This issue affects CyberMath: from v.1.4 before v.1.5.
nvd
CVE-2024-7108P3CRITICALCVSS 9.8fixed in CYBM.2408162532024-09-26
CVE-2024-7108 [CRITICAL] CWE-863 CVE-2024-7108: Incorrect Authorization vulnerability in National Keep Cyber Security Services CyberMath allows Acce
Incorrect Authorization vulnerability in National Keep Cyber Security Services CyberMath allows Accessing Functionality Not Properly Constrained by ACLs.
This issue affects CyberMath: before CYBM.240816253.
nvd
CVE-2024-7107P3HIGHCVSS 7.5fixed in CYBM.2408162532024-09-26
CVE-2024-7107 [HIGH] CWE-552 CVE-2024-7107: Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security Se
Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security Services CyberMath allows Collect Data from Common Resource Locations.
This issue affects CyberMath: before CYBM.240816253.
nvd
CVE-2023-6676P3HIGHCVSS 8.8≥ v1.4, < v1.52024-02-02
CVE-2023-6676 [HIGH] CWE-352 CVE-2023-6676: Cross-Site Request Forgery (CSRF) vulnerability in National Keep Cyber Security Services CyberMath a
Cross-Site Request Forgery (CSRF) vulnerability in National Keep Cyber Security Services CyberMath allows Cross Site Request Forgery.
This issue affects CyberMath: from v1.4 before v1.5.
nvd
CVE-2023-6673P4MEDIUMCVSS 6.1≥ v1.4, < v1.52024-02-02
CVE-2023-6673 [MEDIUM] CWE-79 CVE-2023-6673: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in National Keep Cyber Security Services CyberMath allows Reflected XSS.
This issue affects CyberMath: from v.1.4 before v.1.5.
nvd
CVE-2023-6672P4MEDIUMCVSS 5.4≥ v1.4, < v1.52024-02-02
CVE-2023-6672 [MEDIUM] CWE-79 CVE-2023-6672: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in National Keep Cyber Security Services CyberMath allows Stored XSS.
This issue affects CyberMath: from v1.4 before v1.5.
nvd