Organizr

organizr

10 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (10)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-41372 1Organizr 1Organizr Sep 4, 2024 Aug 29, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Organizr v1.90 was discovered to contain a SQL injection vulnerability via chat/settyping.php.
CVE-2024-41371 1Organizr 1Organizr Sep 4, 2024 Aug 29, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Organizr v1.90 is vulnerable to Cross Site Scripting (XSS) via api.php.
CVE-2024-41370 1Organizr 1Organizr Sep 4, 2024 Aug 29, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Organizr v1.90 was discovered to contain a SQL injection vulnerability via chat/setlike.php.
CVE-2022-1909 1Organizr 1Organizr Nov 21, 2024 May 27, 2022 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Cross-site Scripting (XSS) - Stored in GitHub repository causefx/organizr prior to 2.1.2200.
CVE-2022-1699 1Organizr 1Organizr Nov 21, 2024 May 12, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.
CVE-2022-1698 1Organizr 1Organizr Nov 21, 2024 May 12, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Allowing long password leads to denial of service in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources...Show more Allowing long password leads to denial of service in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.Show less
CVE-2022-1347 1Organizr 1Organizr Nov 21, 2024 Apr 13, 2022 N/A· v4 8.4 HIGH· v3 6.0 MEDIUM· v2 Stored XSS in the "Username" & "Email" input fields leads to account takeover of Admin & Co-admin users in GitHub repository causefx/organizr prior to 2.1.1810. Account takeover and privilege escalation
CVE-2022-1345 1Organizr 1Organizr Nov 21, 2024 Apr 13, 2022 N/A· v4 9.0 CRITICAL· v3 3.5 LOW· v2 Stored XSS viva .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data expo...Show more Stored XSS viva .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.Show less
CVE-2022-1346 1Organizr 1Organizr Nov 21, 2024 Apr 13, 2022 N/A· v4 9.0 CRITICAL· v3 3.5 LOW· v2 Multiple Stored XSS in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and wor...Show more Multiple Stored XSS in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.Show less
CVE-2022-1344 1Organizr 1Organizr Nov 21, 2024 Apr 13, 2022 N/A· v4 9.0 CRITICAL· v3 3.5 LOW· v2 Stored XSS due to no sanitization in the filename in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, se...Show more Stored XSS due to no sanitization in the filename in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.Show less