U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:kanboard:kanboard:1.0.36
There are 27 matching records.
Displaying matches 21 through 27.
Vuln ID Summary CVSS Severity
CVE-2017-15199

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit metadata of a private project of another user, as demonstrated by Name, Email, Identifier, and Description.

Published: October 10, 2017; 9:32:54 PM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2017-15198

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit a category of a private project of another user.

Published: October 10, 2017; 9:32:54 PM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2017-15197

In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new category to a private project of another user.

Published: October 10, 2017; 9:32:54 PM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2017-15196

In Kanboard before 1.0.47, by altering form data, an authenticated user can remove columns from a private project of another user.

Published: October 10, 2017; 9:32:54 PM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2017-15195

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit swimlanes of a private project of another user.

Published: October 10, 2017; 9:32:54 PM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2017-12851

An authenticated standard user could reset the password of the admin by altering form data. Affects kanboard before 1.0.46.

Published: August 14, 2017; 4:29:00 PM -0400
V3.0: 8.8 HIGH
V2.0: 4.0 MEDIUM
CVE-2017-12850

An authenticated standard user could reset the password of other users (including the admin) by altering form data. Affects kanboard before 1.0.46.

Published: August 14, 2017; 4:29:00 PM -0400
V3.0: 8.8 HIGH
V2.0: 4.0 MEDIUM