Vocabularyserver Tematres vulnerabilities
3 known vulnerabilities affecting vocabularyserver/tematres.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2019-14345P2CRITICALCVSS 9.8PoCv3.02019-11-15
CVE-2019-14345 [CRITICAL] CVE-2019-14345: TemaTres 3.0 allows remote unprivileged users to create an administrator account
TemaTres 3.0 allows remote unprivileged users to create an administrator account
nvd
CVE-2019-14343P4MEDIUMCVSS 5.4PoCv3.02019-11-15
CVE-2019-14343 [MEDIUM] CWE-79 CVE-2019-14343: TemaTres 3.0 has stored XSS via the value parameter to the vocab/admin.php?vocabulario_id=list URI.
TemaTres 3.0 has stored XSS via the value parameter to the vocab/admin.php?vocabulario_id=list URI.
nvd
CVE-2019-14344P4MEDIUMCVSS 6.1v3.02019-12-13
CVE-2019-14344 [MEDIUM] CWE-79 CVE-2019-14344: TemaTres 3.0 has reflected XSS via the replace_string or search_string parameter to the vocab/admin.
TemaTres 3.0 has reflected XSS via the replace_string or search_string parameter to the vocab/admin.php?doAdmin=bulkReplace URI.
nvd