Known Vulnerabilities for Navigate Cms by Naviwebs

Listed below are 10 of the newest known vulnerabilities associated with the software "Navigate Cms" by "Naviwebs".

These CVEs are retrieved based on exact matches on listed software and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2021-42727 Acrobat RoboHelp Server versions 2020.0.1 (and earlier) are affected by a Path traversal vulnerability. The authenticated att... 8.8 - High 2021-11-22 2021-11-22
CVE-2021-36455 SQL Injection vulnerability in Naviwebs Navigate CMS 2.9 via the quicksearch parameter in \lib\packages\comments\comments.php... 8.8 - HIGH 2021-08-06 2021-08-13
CVE-2021-36454 Cross Site Scripting (XSS) vulnerability in Naviwebs Navigate Cms 2.9 via the navigate-quickse parameter to 1) backups\backup... 5.4 - MEDIUM 2021-08-06 2021-08-12
CVE-2020-14017 An issue was discovered in Navigate CMS 2.9 r1433. Sessions, as well as associated information such as CSRF tokens, are store... 7.5 - HIGH 2020-06-24 2020-06-29
CVE-2020-14016 An issue was discovered in Navigate CMS 2.9 r1433. The forgot-password feature allows users to reset their passwords by using... 5.3 - MEDIUM 2020-06-24 2020-06-29
CVE-2020-14015 An issue was discovered in Navigate CMS 2.9 r1433. When performing a password reset, a user is emailed an activation code tha... 7.5 - HIGH 2020-06-24 2020-06-29
CVE-2020-14014 An issue was discovered in Navigate CMS 2.8 and 2.9 r1433. The query parameter fid on the resource navigate.php does not perf... 5.4 - MEDIUM 2020-06-24 2021-08-06
CVE-2020-13798 An issue was discovered in Navigate CMS through 2.8.7. It allows XSS because of a lack of purify calls in lib/packages/feeds/... 6.1 - MEDIUM 2020-06-03 2020-06-04
CVE-2020-13797 An issue was discovered in Navigate CMS through 2.8.7. It allows XSS because of a lack of purify calls in lib/packages/websit... 6.1 - MEDIUM 2020-06-03 2020-06-04
CVE-2020-13796 An issue was discovered in Navigate CMS through 2.8.7. It allows XSS because of a lack of purify calls in lib/packages/struct... 6.1 - MEDIUM 2020-06-03 2020-06-04

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationNaviwebsNavigate Cms2.9.1AllAllAll
ApplicationNaviwebsNavigate Cms2.9r1433AllAll
ApplicationNaviwebsNavigate Cms2.9AllAllAll
ApplicationNaviwebsNavigate Cms2.8.7AllAllAll
ApplicationNaviwebsNavigate Cms2.8AllAllAll
ApplicationNaviwebsNavigate Cms1.8.6AllAllAll
ApplicationNaviwebsNavigate Cms1.8.5AllAllAll
ApplicationNaviwebsNavigate Cms1.8.4AllAllAll
ApplicationNaviwebsNavigate Cms1.8.3AllAllAll
ApplicationNaviwebsNavigate Cms1.8.2AllAllAll
ApplicationNaviwebsNavigate Cms1.8.1AllAllAll
ApplicationNaviwebsNavigate Cms1.8.0AllAllAll
ApplicationNaviwebsNavigate Cms1.7.9AllAllAll
ApplicationNaviwebsNavigate Cms1.7.8AllAllAll
ApplicationNaviwebsNavigate Cms1.7.7AllAllAll
ApplicationNaviwebsNavigate Cms1.7.6AllAllAll
ApplicationNaviwebsNavigate Cms1.7.5AllAllAll
ApplicationNaviwebsNavigate Cms1.7.4AllAllAll
ApplicationNaviwebsNavigate Cms1.7.3AllAllAll
ApplicationNaviwebsNavigate Cms1.7.2AllAllAll

Popular searches for Navigate Cms

Naviwebs - the creators of Navigate CMS

www.naviwebs.com

Naviwebs - the creators of Navigate CMS We provide technical support, custom developments and other professional services. Althought Navigate has its own community, sometimes you need a quick and professional response to help you on your projects. ; OUR SERVICES Install support We can install Navigate CMS j h f in your server and leave it ready for you to create your new website. We can even install it for you!

Content management system Technical support Installation (computer programs) Website Professional services Server (computing) Web service Subscription business model Email Issue tracking system HTML Application software Direct Client-to-Client Web hosting service Internet hosting service Software Design Theme (computing) Type system Privacy policy

Thais Pérez López - Diseño y maquetación web, Content Manager, Community Manager, E-commerce - Seleneart | LinkedIn

es.linkedin.com/in/thais-p%C3%A9rez-l%C3%B3pez-47b85730

Thais Prez Lpez - Diseo y maquetacin web, Content Manager, Community Manager, E-commerce - Seleneart | LinkedIn Ve el perfil de Thais Prez Lpez en LinkedIn, la mayor red profesional del mundo. Thais tiene 8 empleos en su perfil. Ve el perfil completo en LinkedIn y descubre los contactos y empleos de Thais en empresas similares.

Blog LinkedIn Online community manager World Wide Web E-commerce Content management HTML Email marketing Barcelona English language Web banner Cascading Style Sheets Web application Blogger (service) Girona FC Flyer (pamphlet) Content (media) Content management system Chief executive officer Persona (user experience)

© CVE.report 2021 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report