Thecontrolgroup Voyager — known CVE vulnerabilities
Every CVE whose affected-product data names Thecontrolgroup Voyager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2020-36070 — CVSS 9.8 (critical): Insecure Permission vulnerability found in Yoyager v.1.4 and before allows a remote attacker to execute arbitrary code via a crafted .php…
CVE-2019-17050 — CVSS 7.2 (high): An issue was discovered in the Voyager package through 1.2.7 for Laravel. An attacker with admin privileges and Compass access can read or…
CVE-2024-55417 — CVSS 4.3 (medium): DevDojo Voyager through version 1.8.0 is vulnerable to bypassing the file type verification when an authenticated user uploads a file via…
CVE-2024-55416 — CVSS 3.5 (low): DevDojo Voyager through version 1.8.0 is vulnerable to reflected XSS via /admin/compass. By manipulating an authenticated user to click on…