U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:kanboard:kanboard:1.0.31:beta0
There are 18 matching records.
Displaying matches 1 through 18.
Vuln ID Summary CVSS Severity
CVE-2017-15212

In Kanboard before 1.0.47, by altering form data, an authenticated user can at least see the names of tags of a private project of another user.

Published: October 10, 2017; 9:32:55 PM -0400 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2017-15211

In Kanboard before 1.0.47, by altering form data, an authenticated user can add an external link to a private project of another user.

Published: October 10, 2017; 9:32:55 PM -0400 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2017-15210

In Kanboard before 1.0.47, by altering form data, an authenticated user can see thumbnails of pictures from a private project of another user.

Published: October 10, 2017; 9:32:55 PM -0400 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2017-15209

In Kanboard before 1.0.47, by altering form data, an authenticated user can remove attachments from a private project of another user.

Published: October 10, 2017; 9:32:55 PM -0400 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2017-15208

In Kanboard before 1.0.47, by altering form data, an authenticated user can remove automatic actions from a private project of another user.

Published: October 10, 2017; 9:32:55 PM -0400 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2017-15207

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tasks of a private project of another user.

Published: October 10, 2017; 9:32:54 PM -0400 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2017-15206

In Kanboard before 1.0.47, by altering form data, an authenticated user can add an internal link to a private project of another user.

Published: October 10, 2017; 9:32:54 PM -0400 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2017-15205

In Kanboard before 1.0.47, by altering form data, an authenticated user can download attachments from a private project of another user.

Published: October 10, 2017; 9:32:54 PM -0400 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2017-15204

In Kanboard before 1.0.47, by altering form data, an authenticated user can add automatic actions to a private project of another user.

Published: October 10, 2017; 9:32:54 PM -0400 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2017-15203

In Kanboard before 1.0.47, by altering form data, an authenticated user can remove categories from a private project of another user.

Published: October 10, 2017; 9:32:54 PM -0400 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2017-15202

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit columns of a private project of another user.

Published: October 10, 2017; 9:32:54 PM -0400 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2017-15201

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tags of a private project of another user.

Published: October 10, 2017; 9:32:54 PM -0400 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2017-15200

In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new task to a private project of another user.

Published: October 10, 2017; 9:32:54 PM -0400 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2017-15199

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit metadata of a private project of another user, as demonstrated by Name, Email, Identifier, and Description.

Published: October 10, 2017; 9:32:54 PM -0400 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2017-15198

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit a category of a private project of another user.

Published: October 10, 2017; 9:32:54 PM -0400 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2017-15197

In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new category to a private project of another user.

Published: October 10, 2017; 9:32:54 PM -0400 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2017-15196

In Kanboard before 1.0.47, by altering form data, an authenticated user can remove columns from a private project of another user.

Published: October 10, 2017; 9:32:54 PM -0400 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2017-15195

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit swimlanes of a private project of another user.

Published: October 10, 2017; 9:32:54 PM -0400 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM