Skip to main content

Corebos

10 CVEs product

Monthly

CVE-2023-48029 HIGH POC This Week

Corebos 8.0 and below is vulnerable to CSV Injection. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Corebos
NVD GitHub
CVSS 3.1
8.0
EPSS
1.3%
CVE-2023-3073 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8 via evvtgendoc. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Corebos
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-3075 MEDIUM POC PATCH This Month

Cross-Site Request Forgery (CSRF) in GitHub repository tsolucio/corebos prior to 8. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Corebos
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-3074 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Corebos
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-3071 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Corebos
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-3070 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Corebos
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-3069 CRITICAL POC PATCH Act Now

Unverified Password Change in GitHub repository tsolucio/corebos prior to 8. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Corebos
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-1527 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Generic in GitHub repository tsolucio/corebos prior to 8.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Corebos
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-4446 CRITICAL POC PATCH Act Now

PHP Remote File Inclusion in GitHub repository tsolucio/corebos prior to 8.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

LFI Information Disclosure PHP Corebos
NVD GitHub
CVSS 3.1
9.8
EPSS
1.3%
CVE-2018-1000547 MEDIUM This Month

coreBOS version 7.0 and earlier contains a Incorrect Access Control vulnerability in Module: Contacts that can result in The error allows you to access records that you have no permissions to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Corebos
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
EPSS 1% CVSS 8.0
HIGH POC This Week

Corebos 8.0 and below is vulnerable to CSV Injection. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Corebos
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8 via evvtgendoc. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Corebos
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

Cross-Site Request Forgery (CSRF) in GitHub repository tsolucio/corebos prior to 8. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Corebos
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Corebos
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Corebos
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Corebos
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Unverified Password Change in GitHub repository tsolucio/corebos prior to 8. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Corebos
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Generic in GitHub repository tsolucio/corebos prior to 8.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Corebos
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

PHP Remote File Inclusion in GitHub repository tsolucio/corebos prior to 8.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

LFI Information Disclosure PHP +1
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM This Month

coreBOS version 7.0 and earlier contains a Incorrect Access Control vulnerability in Module: Contacts that can result in The error allows you to access records that you have no permissions to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Corebos
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy