Softwarepublico I3Geo vulnerabilities
4 known vulnerabilities affecting softwarepublico/i3geo.
Total CVEs
4
CISA KEV
0
Public exploits
3
Exploited in wild
1
Severity breakdown
CRITICAL1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2022-32409P1CRITICALCVSS 9.8ExploitedPoCv7.0.52022-07-14
CVE-2022-32409 [CRITICAL] CWE-22 CVE-2022-32409: A local file inclusion (LFI) vulnerability in the component codemirror.php of Portal do Software Pub
A local file inclusion (LFI) vulnerability in the component codemirror.php of Portal do Software Publico Brasileiro i3geo v7.0.5 allows attackers to execute arbitrary PHP code via a crafted HTTP request.
nvd
CVE-2022-34094P3MEDIUMCVSS 6.1PoCv7.0.52022-07-14
CVE-2022-34094 [MEDIUM] CWE-79 CVE-2022-34094: Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting
Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via request_token.php.
nvd
CVE-2022-34093P3MEDIUMCVSS 6.1PoCv7.0.52022-07-14
CVE-2022-34093 [MEDIUM] CWE-79 CVE-2022-34093: Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting
Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via access_token.php.
nvd
CVE-2022-34092P4MEDIUMCVSS 6.1v7.0.52022-07-14
CVE-2022-34092 [MEDIUM] CWE-79 CVE-2022-34092: Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting
Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via svg2img.php.
nvd