Shodan
Vulnerabilities
Vulnerable Software
Rockmongo:  >> Rockmongo  Security Vulnerabilities
CVE-2023-53938
RockMongo 1.1.7 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts through multiple unencoded input parameters. Attackers can exploit the vulnerability by submitting crafted payloads in database, collection, and login parameters to execute arbitrary JavaScript in victim's browser.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-12-18
CVE-2013-5107
Directory traversal vulnerability in RockMongo 1.1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the ROCK_LANG cookie, as demonstrated in a login.index action to index.php.
CVSS Score
5.0
EPSS Score
0.001
Published
2013-12-14
CVE-2013-5108
Multiple cross-site scripting (XSS) vulnerabilities in the xn function in RockMongo 1.1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) db parameter on the login page or (2) username parameter in a login.index action to index.php and other unspecified parameters.
CVSS Score
4.3
EPSS Score
0.009
Published
2013-12-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved