Naviwebs

naviwebs

34 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (34)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-14017 1Naviwebs 1Navigate Cms Nov 21, 2024 Jun 24, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in Navigate CMS 2.9 r1433. Sessions, as well as associated information such as CSRF tokens, are stored in cleartext files in the directory /private/sessions. An unauthenticated user could use a br...Show more An issue was discovered in Navigate CMS 2.9 r1433. Sessions, as well as associated information such as CSRF tokens, are stored in cleartext files in the directory /private/sessions. An unauthenticated user could use a brute-force approach to attempt to identify existing sessions, or view the contents of this file to discover details about a session.Show less
CVE-2020-14016 1Naviwebs 1Navigate Cms Nov 21, 2024 Jun 24, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 An issue was discovered in Navigate CMS 2.9 r1433. The forgot-password feature allows users to reset their passwords by using either their username or the email address associated with their account. However, the feature...Show more An issue was discovered in Navigate CMS 2.9 r1433. The forgot-password feature allows users to reset their passwords by using either their username or the email address associated with their account. However, the feature returns a not_found message when the provided username or email address does not match a user in the system. This can be used to enumerate users.Show less
CVE-2020-14015 1Naviwebs 1Navigate Cms Nov 21, 2024 Jun 24, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in Navigate CMS 2.9 r1433. When performing a password reset, a user is emailed an activation code that allows them to reset their password. There is, however, a flaw when no activation code is sup...Show more An issue was discovered in Navigate CMS 2.9 r1433. When performing a password reset, a user is emailed an activation code that allows them to reset their password. There is, however, a flaw when no activation code is supplied. The system will allow an unauthorized user to continue setting a password, even though no activation code was supplied, setting the password for the most recently created user in the system (the user with the highest user id).Show less
CVE-2020-14014 1Naviwebs 1Navigate Cms Nov 21, 2024 Jun 24, 2020 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 An issue was discovered in Navigate CMS 2.8 and 2.9 r1433. The query parameter fid on the resource navigate.php does not perform sufficient data validation and/or encoding, making it vulnerable to reflected XSS.
CVE-2020-14927 1Naviwebs 1Navigate Cms Nov 21, 2024 Jun 19, 2020 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 Navigate CMS 2.9 allows XSS via the Alias or Real URL field of the "Web Sites > Create > Aliases > Add" screen.
CVE-2020-14067 1Naviwebs 1Navigatecms Nov 21, 2024 Jun 15, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The install_from_hash functionality in Navigate CMS 2.9 does not consider the .phtml extension when examining files within a ZIP archive that may contain PHP code, in check_upload in lib/packages/extensions/extension.cla...Show more The install_from_hash functionality in Navigate CMS 2.9 does not consider the .phtml extension when examining files within a ZIP archive that may contain PHP code, in check_upload in lib/packages/extensions/extension.class.php and lib/packages/themes/theme.class.php.Show less
CVE-2020-13798 1Naviwebs 1Navigate Cms Nov 21, 2024 Jun 3, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in Navigate CMS through 2.8.7. It allows XSS because of a lack of purify calls in lib/packages/feeds/feed.class.php.
CVE-2020-13797 1Naviwebs 1Navigate Cms Nov 21, 2024 Jun 3, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in Navigate CMS through 2.8.7. It allows XSS because of a lack of purify calls in lib/packages/websites/website.class.php.
CVE-2020-13796 1Naviwebs 1Navigate Cms Nov 21, 2024 Jun 3, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in Navigate CMS through 2.8.7. It allows XSS because of a lack of purify calls in lib/packages/structure/structure.class.php.
CVE-2020-13795 1Naviwebs 1Navigate Cms Nov 21, 2024 Jun 3, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 An issue was discovered in Navigate CMS through 2.8.7. It allows Directory Traversal because lib/packages/templates/template.class.php mishandles ../ and ..\ substrings.
CVE-2018-18029 1Naviwebs 1Navigate Cms Nov 21, 2024 Oct 9, 2018 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Navigate CMS has Stored XSS via the navigate.php Title field in an edit action.
CVE-2018-17849 1Naviwebs 1Navigate Cms Nov 21, 2024 Oct 4, 2018 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Navigate CMS 2.8 has Stored XSS via a navigate_upload.php (aka File Upload) request with a multipart/form-data JavaScript payload.
CVE-2018-17553 1Naviwebs 1Navigate Cms Nov 21, 2024 Oct 3, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An "Unrestricted Upload of File with Dangerous Type" issue with directory traversal in navigate_upload.php in Naviwebs Navigate CMS 2.8 allows authenticated attackers to achieve remote code execution via a POST request w...Show more An "Unrestricted Upload of File with Dangerous Type" issue with directory traversal in navigate_upload.php in Naviwebs Navigate CMS 2.8 allows authenticated attackers to achieve remote code execution via a POST request with engine=picnik and id=../../../navigate_info.php.Show less
CVE-2018-17552 1Naviwebs 1Navigate Cms Nov 21, 2024 Oct 3, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 SQL Injection in login.php in Naviwebs Navigate CMS 2.8 allows remote attackers to bypass authentication via the navigate-user cookie.