Skip to main content

Doorgets Cms

22 CVEs product

Monthly

CVE-2019-11626 MEDIUM POC This Month

routers/ajaxRouter.php in doorGets 7.0 has a web site physical path leakage vulnerability, as demonstrated by an ajax/index.php?uri=1234%5c request. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Doorgets Cms
NVD GitHub
CVSS 3.0
5.3
EPSS
1.3%
CVE-2019-11625 MEDIUM POC This Month

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/emailingRequest.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Doorgets Cms
NVD GitHub
CVSS 3.0
4.9
EPSS
1.2%
CVE-2019-11624 MEDIUM POC This Month

doorGets 7.0 has an arbitrary file deletion vulnerability in /doorgets/app/requests/user/configurationRequest.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Doorgets Cms
NVD GitHub
CVSS 3.0
4.9
EPSS
1.6%
CVE-2019-11623 MEDIUM POC This Month

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=siteweb. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Doorgets Cms
NVD GitHub
CVSS 3.0
4.9
EPSS
1.2%
CVE-2019-11622 MEDIUM POC This Month

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/modulecategoryRequest.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Doorgets Cms
NVD GitHub
CVSS 3.0
4.9
EPSS
1.2%
CVE-2019-11621 MEDIUM POC This Month

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=network. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Doorgets Cms
NVD GitHub
CVSS 3.0
4.9
EPSS
1.2%
CVE-2019-11620 MEDIUM POC This Month

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/modulecategoryRequest.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Doorgets Cms
NVD GitHub
CVSS 3.0
4.9
EPSS
1.2%
CVE-2019-11619 MEDIUM POC This Month

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=analytics. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Doorgets Cms
NVD GitHub
CVSS 3.0
4.9
EPSS
1.2%
CVE-2019-11618 CRITICAL POC Act Now

doorGets 7.0 has a default administrator credential vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Doorgets Cms
NVD GitHub
CVSS 3.0
9.8
EPSS
2.3%
CVE-2019-11617 HIGH POC This Week

doorGets 7.0 has a CSRF vulnerability in /doorgets/app/requests/user/configurationRequest.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Google CSRF Doorgets Cms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.8%
CVE-2019-11616 CRITICAL POC Act Now

doorGets 7.0 has a sensitive information disclosure vulnerability in /setup/temp/admin.php and /setup/temp/database.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Doorgets Cms
NVD GitHub
CVSS 3.0
9.8
EPSS
2.4%
CVE-2019-11615 HIGH POC This Week

/fileman/php/upload.php in doorGets 7.0 has an arbitrary file upload vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Doorgets Cms
NVD GitHub
CVSS 3.0
8.8
EPSS
1.5%
CVE-2019-11614 HIGH POC This Week

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/commentView.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Doorgets Cms
NVD GitHub
CVSS 3.0
7.5
EPSS
1.5%
CVE-2019-11613 MEDIUM POC This Month

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/contactView.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Doorgets Cms
NVD GitHub
CVSS 3.0
6.5
EPSS
1.2%
CVE-2019-11612 HIGH POC This Week

doorGets 7.0 has an arbitrary file deletion vulnerability in /fileman/php/deletefile.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Doorgets Cms
NVD GitHub
CVSS 3.0
7.5
EPSS
2.7%
CVE-2019-11611 HIGH POC This Week

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/download.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Information Disclosure Doorgets Cms
NVD GitHub
CVSS 3.0
7.5
EPSS
3.9%
CVE-2019-11610 HIGH POC This Week

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/downloaddir.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Information Disclosure Doorgets Cms
NVD GitHub
CVSS 3.0
7.5
EPSS
3.9%
CVE-2019-11609 HIGH POC This Week

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/movefile.php. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Information Disclosure Doorgets Cms
NVD GitHub
CVSS 3.0
8.2
EPSS
4.0%
CVE-2019-11608 HIGH POC This Week

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/renamefile.php. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Information Disclosure Doorgets Cms
NVD GitHub
CVSS 3.0
8.2
EPSS
4.1%
CVE-2019-11607 HIGH POC This Week

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copydir.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Information Disclosure Doorgets Cms
NVD GitHub
CVSS 3.0
7.5
EPSS
3.9%
CVE-2019-11606 HIGH POC This Week

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copyfile.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Information Disclosure Doorgets Cms
NVD GitHub
CVSS 3.0
7.5
EPSS
3.9%
CVE-2014-1459 MEDIUM POC This Month

SQL injection vulnerability in dg-admin/index.php in doorGets CMS 5.2 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the _position_down_id parameter. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi CSRF Doorgets Cms
NVD Exploit-DB GitHub
CVSS 2.0
6.5
EPSS
1.2%
EPSS 1% CVSS 5.3
MEDIUM POC This Month

routers/ajaxRouter.php in doorGets 7.0 has a web site physical path leakage vulnerability, as demonstrated by an ajax/index.php?uri=1234%5c request. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Doorgets Cms
NVD GitHub
EPSS 1% CVSS 4.9
MEDIUM POC This Month

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/emailingRequest.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Doorgets Cms
NVD GitHub
EPSS 2% CVSS 4.9
MEDIUM POC This Month

doorGets 7.0 has an arbitrary file deletion vulnerability in /doorgets/app/requests/user/configurationRequest.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Doorgets Cms
NVD GitHub
EPSS 1% CVSS 4.9
MEDIUM POC This Month

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=siteweb. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Doorgets Cms
NVD GitHub
EPSS 1% CVSS 4.9
MEDIUM POC This Month

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/modulecategoryRequest.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Doorgets Cms
NVD GitHub
EPSS 1% CVSS 4.9
MEDIUM POC This Month

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=network. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Doorgets Cms
NVD GitHub
EPSS 1% CVSS 4.9
MEDIUM POC This Month

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/modulecategoryRequest.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Doorgets Cms
NVD GitHub
EPSS 1% CVSS 4.9
MEDIUM POC This Month

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=analytics. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Doorgets Cms
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

doorGets 7.0 has a default administrator credential vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Doorgets Cms
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

doorGets 7.0 has a CSRF vulnerability in /doorgets/app/requests/user/configurationRequest.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Google CSRF +1
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

doorGets 7.0 has a sensitive information disclosure vulnerability in /setup/temp/admin.php and /setup/temp/database.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Doorgets Cms
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

/fileman/php/upload.php in doorGets 7.0 has an arbitrary file upload vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Doorgets Cms
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC This Week

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/commentView.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Doorgets Cms
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/contactView.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Doorgets Cms
NVD GitHub
EPSS 3% CVSS 7.5
HIGH POC This Week

doorGets 7.0 has an arbitrary file deletion vulnerability in /fileman/php/deletefile.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Doorgets Cms
NVD GitHub
EPSS 4% CVSS 7.5
HIGH POC This Week

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/download.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Information Disclosure +1
NVD GitHub
EPSS 4% CVSS 7.5
HIGH POC This Week

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/downloaddir.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Information Disclosure +1
NVD GitHub
EPSS 4% CVSS 8.2
HIGH POC This Week

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/movefile.php. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Information Disclosure +1
NVD GitHub
EPSS 4% CVSS 8.2
HIGH POC This Week

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/renamefile.php. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Information Disclosure +1
NVD GitHub
EPSS 4% CVSS 7.5
HIGH POC This Week

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copydir.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Information Disclosure +1
NVD GitHub
EPSS 4% CVSS 7.5
HIGH POC This Week

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copyfile.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Information Disclosure +1
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

SQL injection vulnerability in dg-admin/index.php in doorGets CMS 5.2 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the _position_down_id parameter. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi CSRF +1
NVD Exploit-DB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy