Filtered by vendor Gforge
Subscribe
Total
22 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2431 | 1 Gforge | 1 Gforge | 2025-04-03 | 5.0 MEDIUM | N/A |
| The (1) lost password and (2) account pending features in GForge 4.5 do not properly set a limit on the number of e-mails sent to an e-mail address, which allows remote attackers to send a large number of messages to arbitrary e-mail addresses (aka mail bomb). | |||||
| CVE-2019-10016 | 1 Gforge | 1 Advanced Server | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| GForge Advanced Server 6.4.4 allows XSS via the commonsearch.php words parameter, as demonstrated by a snippet/search/?words= substring. | |||||