Shodan
Vulnerabilities
Vulnerable Software
Getkirby:  >> Kirby  >> 2.5.12  Security Vulnerabilities
CVE-2018-16623
Kirby V2.5.12 is prone to a Persistent XSS attack via the Title of the "Site options" in the admin panel dashboard dropdown.
CVSS Score
4.8
EPSS Score
0.002
Published
2019-05-13
CVE-2018-16624
panel/pages/home/edit in Kirby v2.5.12 allows XSS via the title of a new page.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-05-13
CVE-2018-16630
Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-12-28
CVE-2018-16627
panel/login in Kirby v2.5.12 allows Host header injection via the "forget password" feature.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-12-20
CVE-2018-16628
panel/login in Kirby v2.5.12 allows XSS via a blog name.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-12-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved