Filtered by vendor Kanboard
Subscriptions
Total
32 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-15201 | 1 Kanboard | 1 Kanboard | 2024-11-21 | N/A |
| In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tags of a private project of another user. | ||||
| CVE-2017-15200 | 1 Kanboard | 1 Kanboard | 2024-11-21 | N/A |
| In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new task to a private project of another user. | ||||
| CVE-2017-15199 | 1 Kanboard | 1 Kanboard | 2024-11-21 | N/A |
| In Kanboard before 1.0.47, by altering form data, an authenticated user can edit metadata of a private project of another user, as demonstrated by Name, Email, Identifier, and Description. | ||||
| CVE-2017-15198 | 1 Kanboard | 1 Kanboard | 2024-11-21 | N/A |
| In Kanboard before 1.0.47, by altering form data, an authenticated user can edit a category of a private project of another user. | ||||
| CVE-2017-15197 | 1 Kanboard | 1 Kanboard | 2024-11-21 | N/A |
| In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new category to a private project of another user. | ||||
| CVE-2017-15196 | 1 Kanboard | 1 Kanboard | 2024-11-21 | N/A |
| In Kanboard before 1.0.47, by altering form data, an authenticated user can remove columns from a private project of another user. | ||||
| CVE-2017-15195 | 1 Kanboard | 1 Kanboard | 2024-11-21 | N/A |
| In Kanboard before 1.0.47, by altering form data, an authenticated user can edit swimlanes of a private project of another user. | ||||
| CVE-2017-12851 | 1 Kanboard | 1 Kanboard | 2024-11-21 | N/A |
| An authenticated standard user could reset the password of the admin by altering form data. Affects kanboard before 1.0.46. | ||||
| CVE-2017-12850 | 1 Kanboard | 1 Kanboard | 2024-11-21 | N/A |
| An authenticated standard user could reset the password of other users (including the admin) by altering form data. Affects kanboard before 1.0.46. | ||||
| CVE-2014-3920 | 1 Kanboard | 1 Kanboard | 2024-11-21 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Kanboard before 1.0.6 allows remote attackers to hijack the authentication of administrators for requests that add an administrative user via a save action to the default URI. | ||||
| CVE-2024-51748 | 1 Kanboard | 1 Kanboard | 2024-11-12 | 9.1 Critical |
| Kanboard is project management software that focuses on the Kanban methodology. An authenticated Kanboard admin can run arbitrary php code on the server in combination with a file write possibility. The user interface language is determined and loaded by the setting `application_language` in the `settings` table. Thus, an attacker who can upload a modified sqlite.db through the dedicated feature, has control over the filepath, which is loaded. Exploiting this vulnerability has one constraint: the attacker must be able to place a file (called translations.php) on the system. However, this is not impossible, think of anonymous FTP server or another application that allows uploading files. Once the attacker has placed its file with the actual php code as the payload, the attacker can craft a sqlite db settings, which uses path traversal to point to the directory, where the `translations.php` file is stored. Then gaining code execution after importing the crafted sqlite.db. This issue has been addressed in version 1.2.42 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2024-51747 | 1 Kanboard | 1 Kanboard | 2024-11-12 | 9.1 Critical |
| Kanboard is project management software that focuses on the Kanban methodology. An authenticated Kanboard admin can read and delete arbitrary files from the server. File attachments, that are viewable or downloadable in Kanboard are resolved through its `path` entry in the `project_has_files` SQLite db. Thus, an attacker who can upload a modified sqlite.db through the dedicated feature, can set arbitrary file links, by abusing path traversals. Once the modified db is uploaded and the project page is accessed, a file download can be triggered and all files, readable in the context of the Kanboard application permissions, can be downloaded. This issue has been addressed in version 1.2.42 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||