Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Hoosk Subscribe
Filtered by product Hoosk
Total 10 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-43234 1 Hoosk 1 Hoosk 2023-12-10 N/A 9.8 CRITICAL
An arbitrary file upload vulnerability in the /attachments component of Hoosk v1.8 allows attackers to execute arbitrary code via a crafted PHP file.
CVE-2022-28586 1 Hoosk 1 Hoosk 2023-12-10 4.3 MEDIUM 6.1 MEDIUM
XSS in edit page of Hoosk 1.8.0 allows attacker to execute javascript code in user browser via edit page with XSS payload bypass filter some special chars.
CVE-2021-43478 1 Hoosk 1 Hoosk 2023-12-10 5.5 MEDIUM 5.4 MEDIUM
A vulnerability exists in Hoosk 1.8.0 in /install/index.php, due to a failure to check if config.php already exists in the root directory, which could let a malicious user reinstall the website.
CVE-2020-26043 1 Hoosk 1 Hoosk 2023-12-10 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in Hoosk CMS v1.8.0. There is a XSS vulnerability in install/index.php
CVE-2020-26041 1 Hoosk 1 Hoosk 2023-12-10 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Hoosk CmS v1.8.0. There is an Remote Code Execution vulnerability in install/index.php
CVE-2020-26042 1 Hoosk 1 Hoosk 2023-12-10 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Hoosk CMS v1.8.0. There is a SQL injection vulnerability in install/index.php
CVE-2020-16610 1 Hoosk 1 Hoosk 2023-12-10 4.3 MEDIUM 4.3 MEDIUM
Hoosk Codeigniter CMS before 1.7.2 is affected by a Cross Site Request Forgery (CSRF). When an attacker induces authenticated admin user to a malicious web page, any accounts can be deleted without admin user's intention.
CVE-2018-16771 1 Hoosk 1 Hoosk 2023-12-10 7.5 HIGH 9.8 CRITICAL
Hoosk v1.7.0 allows PHP code execution via a SiteUrl that is provided during installation and mishandled in config.php.
CVE-2018-16772 1 Hoosk 1 Hoosk 2023-12-10 3.5 LOW 4.8 MEDIUM
Hoosk v1.7.0 allows XSS via the Navigation Title of a new page entered at admin/pages/new.
CVE-2018-7590 1 Hoosk 1 Hoosk 2023-12-10 6.8 MEDIUM 8.8 HIGH
CSRF exists in Hoosk 1.7.0 via /admin/users/new/add, resulting in account creation.