Halo

halo

Vendor: Halo • 33 CVEs

CVEs (33)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-18979 1Halo 1Halo Nov 21, 2024 Jul 12, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross Siste Scripting (XSS) vulnerablity in Halo 0.4.3 via the X-forwarded-for Header parameter.
CVE-2020-21345 1Halo 1Halo Nov 21, 2024 May 20, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross Site Scripting (XSS) vulnerability in Halo 1.1.3 via post publish components in the manage panel, which lets a remote malicious user execute arbitrary code.
CVE-2020-21527 1Halo 1Halo Nov 21, 2024 Sep 30, 2020 N/A· v4 7.7 HIGH· v3 8.5 HIGH· v2 There is an Arbitrary file deletion vulnerability in halo v1.1.3. A backup function in the background allows a user, when deleting their backup files, to delete any files on the system through directory traversal.
CVE-2020-21526 1Halo 1Halo Nov 21, 2024 Sep 30, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An Arbitrary file writing vulnerability in halo v1.1.3. In an interface to write files in the background, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to b...Show more An Arbitrary file writing vulnerability in halo v1.1.3. In an interface to write files in the background, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass it.Show less
CVE-2020-21525 1Halo 1Halo Nov 21, 2024 Sep 30, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Halo V1.1.3 is affected by: Arbitrary File reading. In an interface that reads files in halo v1.1.3, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass...Show more Halo V1.1.3 is affected by: Arbitrary File reading. In an interface that reads files in halo v1.1.3, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass it.Show less
CVE-2020-21524 1Halo 1Halo Nov 21, 2024 Sep 30, 2020 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 There is a XML external entity (XXE) vulnerability in halo v1.1.3, The function of importing other blogs in the background(/api/admin/migrations/wordpress) needs to parse the xml file, but it is not used for security def...Show more There is a XML external entity (XXE) vulnerability in halo v1.1.3, The function of importing other blogs in the background(/api/admin/migrations/wordpress) needs to parse the xml file, but it is not used for security defense, This vulnerability can detect the intranet, read files, enable ddos attacks, etc. exp:https://github.com/halo-dev/halo/issues/423Show less
CVE-2020-21523 1Halo 1Halo Nov 21, 2024 Sep 30, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 In the Edit Theme File function. The ftl file can be edited. This is the Freemarker template file. This file can cause arbitrary code execution...Show more A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 In the Edit Theme File function. The ftl file can be edited. This is the Freemarker template file. This file can cause arbitrary code execution when it is rendered in the background. exp: <#assign test="freemarker.template.utility.Execute"?new()> ${test("touch /tmp/freemarkerPwned")}Show less
CVE-2020-21522 1Halo 1Halo Nov 21, 2024 Sep 30, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in halo V1.1.3. A Zip Slip Directory Traversal Vulnerability in the backend,the attacker can overwrite some files, such as ftl files, .bashrc files in the user directory, and finally get the permi...Show more An issue was discovered in halo V1.1.3. A Zip Slip Directory Traversal Vulnerability in the backend,the attacker can overwrite some files, such as ftl files, .bashrc files in the user directory, and finally get the permissions of the operating system.Show less
CVE-2020-19007 1Halo 1Halo Nov 21, 2024 Aug 26, 2020 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Halo blog 1.2.0 allows users to submit comments on blog posts via /api/content/posts/comments. The javascript code supplied by the attacker will then execute in the victim user's browser.
CVE-2019-19999 1Halo 1Halo Nov 21, 2024 Dec 26, 2019 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 Halo before 1.2.0-beta.1 allows Server Side Template Injection (SSTI) because TemplateClassResolver.SAFER_RESOLVER is not used in the FreeMarker configuration.
CVE-2019-16890 1Halo 1Halo Nov 21, 2024 Sep 25, 2019 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Halo 1.1.0 has XSS via a crafted authorUrl in JSON data to api/content/posts/comments.
CVE-2018-11012 1Halo 1Halo Nov 21, 2024 May 12, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java.
CVE-2018-11011 1Halo 1Halo Nov 21, 2024 May 12, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 ruibaby Halo 0.0.2 has stored XSS via the commentAuthor field to FrontCommentController.java.

Previous 12