CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Montala: >> Resourcespace >> 7.2 Security Vulnerabilities

CVE-2022-31260

In Montala ResourceSpace through 9.8 before r19636, csv_export_results_metadata.php allows attackers to export collection metadata via a non-NULL k value.

CVSS Score

6.5

EPSS Score

0.139

Published

2022-07-17

CVE-2021-41951

ResourceSpace before 9.6 rev 18290 is affected by a reflected Cross-Site Scripting vulnerability in plugins/wordpress_sso/pages/index.php via the wordpress_user parameter. If an attacker is able to persuade a victim to visit a crafted URL, malicious JavaScript content may be executed within the context of the victim's browser.

CVSS Score

6.1

EPSS Score

0.55

Published

2021-11-15

CVE-2015-6915

SQL injection vulnerability in Montala Limited ResourceSpace 7.3.7009 and earlier allows remote attackers to execute arbitrary SQL commands via the "user" cookie to plugins/feedback/pages/feedback.php.

CVSS Score

7.5

EPSS Score

0.003

Published

2015-09-11

Page 1

Vulnerabilities

Vulnerable Software

Montala: >> Resourcespace >> 7.2 Security Vulnerabilities

Products

Pricing

Contact Us