Skip to main content

Fusionforge

3 CVEs product

Monthly

CVE-2014-0468 CRITICAL PATCH Act Now

Vulnerability in fusionforge in the shipped Apache configuration, where the web server may execute scripts that the users would have uploaded in their raw SCM repositories (SVN, Git, Bzr...). This issue affects fusionforge: before 5.3+20140506.

File Upload Apache Ubuntu Debian Fusionforge
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2015-0850 CRITICAL PATCH Act Now

The Git plugin for FusionForge before 6.0rc4 allows remote attackers to execute arbitrary code via an unspecified parameter when creating a secondary Git repository. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

RCE Fusionforge
NVD
CVSS 2.0
10.0
EPSS
6.7%
CVE-2013-1423 MEDIUM This Month

(1) contrib/gforge-3.0-cronjobs.patch, (2) cronjobs/homedirs.php, (3) deb-specific/fileforge.pl, (4) deb-specific/group_dump_update.pl, (5) deb-specific/ssh_dump_update.pl, (6). Rated medium severity (CVSS 6.9). No vendor patch available.

PHP Information Disclosure Fusionforge
NVD
CVSS 2.0
6.9
EPSS
0.0%
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Vulnerability in fusionforge in the shipped Apache configuration, where the web server may execute scripts that the users would have uploaded in their raw SCM repositories (SVN, Git, Bzr...). This issue affects fusionforge: before 5.3+20140506.

File Upload Apache Ubuntu +2
NVD
EPSS 7% CVSS 10.0
CRITICAL PATCH Act Now

The Git plugin for FusionForge before 6.0rc4 allows remote attackers to execute arbitrary code via an unspecified parameter when creating a secondary Git repository. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

RCE Fusionforge
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

(1) contrib/gforge-3.0-cronjobs.patch, (2) cronjobs/homedirs.php, (3) deb-specific/fileforge.pl, (4) deb-specific/group_dump_update.pl, (5) deb-specific/ssh_dump_update.pl, (6). Rated medium severity (CVSS 6.9). No vendor patch available.

PHP Information Disclosure Fusionforge
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy