Skip to main content

Hubzilla

3 CVEs product

Monthly

CVE-2022-27257 HIGH PATCH This Week

A PHP Local File Inclusion vulneraility in the default Redbasic theme for Hubzilla before version 7.2 allows remote attackers to include arbitrary php files via the schema parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP Information Disclosure Hubzilla
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-27258 MEDIUM This Month

Multiple Cross-Site Scripting (XSS) vulnerabilities in Hubzilla 7.0.3 and earlier allows remote attacker to include arbitrary web script or HTML via the rpath parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Hubzilla
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-27256 MEDIUM POC PATCH This Month

A PHP Local File inclusion vulnerability in the Redbasic theme for Hubzilla before version 7.2 allows remote attackers to include arbitrary php files via the schema parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP Open Redirect Hubzilla
NVD
CVSS 3.1
6.1
EPSS
1.5%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A PHP Local File Inclusion vulneraility in the default Redbasic theme for Hubzilla before version 7.2 allows remote attackers to include arbitrary php files via the schema parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP Information Disclosure Hubzilla
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Multiple Cross-Site Scripting (XSS) vulnerabilities in Hubzilla 7.0.3 and earlier allows remote attacker to include arbitrary web script or HTML via the rpath parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Hubzilla
NVD
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

A PHP Local File inclusion vulnerability in the Redbasic theme for Hubzilla before version 7.2 allows remote attackers to include arbitrary php files via the schema parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP Open Redirect Hubzilla
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy