CPE-9B686351-F39E-465E-BD66-1FE50FF857C5 Détail

CPE Details

Halo 0.4.3

Vendor

halo

Product

halo

Version

0.4.3

Created

2019-10-04
14h40 +00:00

Modifié

2019-10-04
14h40 +00:00

Liens officiels

CPE NVD

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Gestion des notifications

Liste des Notifications

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

CPE ID

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

CPE Name: cpe:2.3:a:halo:halo:0.4.3:::::::*

Informations

Vendor

halo

Product

halo

Version

0.4.3

Related CVE

Open and find in CVE List

CVE ID	Publié	Description	Score	Gravité
CVE-2024-43793	2024-09-11 14h37 +00:00	Halo is an open source website building tool. A security vulnerability has been identified in versions prior to 2.19.0 of the Halo project. This vulnerability allows an attacker to execute malicious scripts in the user's browser through specific HTML and JavaScript code, potentially leading to a Cross-Site Scripting (XSS) attack. This vulnerability is fixed in 2.19.0.	6.4	Moyen
CVE-2024-43792	2024-09-02 16h15 +00:00	Halo is an open source website building tool. A security vulnerability has been identified in versions prior to 2.17.0 of the Halo project. This vulnerability allows an attacker to execute malicious scripts in the user's browser through specific HTML and JavaScript code, potentially leading to a Cross-Site Scripting (XSS) attack. Users are advised to upgrade to version 2.17.0+. There are no known workarounds for this vulnerability.	6.3	Moyen
CVE-2023-27164	2023-03-10 00h00 +00:00	An arbitrary file upload vulnerability in Halo up to v1.6.1 allows attackers to execute arbitrary code via a crafted .md file.	4.8	Moyen
CVE-2020-19038	2021-07-12 14h45 +00:00	File Deletion vulnerability in Halo 0.4.3 via delBackup.	9.1	Critique
CVE-2020-19037	2021-07-12 14h39 +00:00	Incorrect Access Control vulnearbility in Halo 0.4.3, which allows a malicious user to bypass encrption to view encrpted articles via cookies.	5.3	Moyen
CVE-2020-23079	2021-07-12 14h29 +00:00	SSRF vulnerability in Halo <=1.3.2 exists in the SMTP configuration, which can detect the server intranet.	7.5	Haute
CVE-2020-18982	2021-07-12 14h08 +00:00	Cross Sie Scripting (XSS) vulnerability in Halo 0.4.3 via CommentAuthorUrl.	5.4	Moyen
CVE-2020-18980	2021-07-12 12h56 +00:00	Remote Code Executon vulnerability in Halo 0.4.3 via the remoteAddr and themeName parameters.	9.8	Critique
CVE-2020-18979	2021-07-12 12h43 +00:00	Cross Siste Scripting (XSS) vulnerablity in Halo 0.4.3 via the X-forwarded-for Header parameter.	6.1	Moyen
CVE-2019-19999	2019-12-26 02h38 +00:00	Halo before 1.2.0-beta.1 allows Server Side Template Injection (SSTI) because TemplateClassResolver.SAFER_RESOLVER is not used in the FreeMarker configuration.	7.2	Haute

Halo 0.4.3

CPE Details

CPE Name: cpe:2.3:a:halo:halo:0.4.3:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:halo:halo:0.4.3:::::::*