Skip to main content

Kvf Admin

3 CVEs product

Monthly

CVE-2024-9291 MEDIUM POC This Month

A vulnerability classified as problematic has been found in kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Kvf Admin
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.4%
CVE-2024-9280 MEDIUM This Month

A vulnerability has been found in kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff and classified as critical. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Kvf Admin
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.6%
CVE-2022-35857 CRITICAL POC Act Now

kvf-admin through 2022-02-12 allows remote attackers to execute arbitrary code because deserialization is mishandled. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization Authentication Bypass RCE Kvf Admin
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
EPSS 0% CVSS 5.3
MEDIUM POC This Month

A vulnerability classified as problematic has been found in kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Kvf Admin
NVD GitHub VulDB
EPSS 1% CVSS 5.1
MEDIUM This Month

A vulnerability has been found in kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff and classified as critical. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Kvf Admin
NVD GitHub VulDB
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

kvf-admin through 2022-02-12 allows remote attackers to execute arbitrary code because deserialization is mishandled. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization Authentication Bypass RCE +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy