Vulnerabilities (CVE)

Filtered by vendor Kozos Subscribe
Filtered by product Easyctf
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-0914 1 Kozos 1 Easyctf 2024-11-21 5.0 MEDIUM N/A
EasyCTF before 1.4 does not validate the session ID, which allows remote attackers to obtain access via a crafted HTTP request.
CVE-2015-0913 1 Kozos 1 Easyctf 2024-11-21 3.5 LOW N/A
Cross-site scripting (XSS) vulnerability in EasyCTF before 1.4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-0912 1 Kozos 1 Easyctf 2024-11-21 6.5 MEDIUM N/A
EasyCTF before 1.4 allows remote authenticated users to write executable content to files via unspecified vectors.