Dino : Security Vulnerabilities, CVEs,

CVE-2023-28686

Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then be tricked into disclosing sensitive information.
Max CVSS
7.1
EPSS Score
0.15%
Published
2023-03-24
Updated
2023-04-02

CVE-2021-33896

Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal (only for creation of new files) via URI-encoded path separators.
Max CVSS
5.3
EPSS Score
0.14%
Published
2021-06-07
Updated
2021-06-17

CVE-2019-16237

Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala.
Max CVSS
7.5
EPSS Score
0.24%
Published
2019-09-11
Updated
2020-09-14

CVE-2019-16236

Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala.
Max CVSS
7.5
EPSS Score
0.34%
Published
2019-09-11
Updated
2020-09-14

CVE-2019-16235

Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala.
Max CVSS
7.5
EPSS Score
0.34%
Published
2019-09-11
Updated
2020-09-14

CVE-2008-4075

Directory traversal vulnerability in index.php in D-iscussion Board 3.01 allows remote attackers to read arbitrary files via a .. (dot dot) in the topic parameter.
Max CVSS
6.8
EPSS Score
1.52%
Published
2008-09-15
Updated
2017-09-29
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close