GCVE - cpe:2.3:a:adive:framework:2.0.8:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:adive:framework:2.0.8:*:*:*:*:*:*:*

part: a version: 2.0.8 update: *

Vendor	Adive (`c9da44af-6b70-5c28-a426-4fdaf9c25b1b`)
Product	Framework (`6138e904-714e-50b3-acf7-ebce89421a03`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/ferdinandmartin/adive-php7`	purl2cpe	2026-06-01 10:11:36.015971

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-4337`	vulnerable	2026-06-03 14:57:15.244442	Múltiple vulnerabilities on Adive Framework HIGH (7.6) Adive Framework 2.0.8, does not sufficiently encode user-controlled inputs, resulting in a persistent Cross-Site Scripting (XSS) vulnerability via the /adive/admin/nav/add, in multiple parameters. This vulnerability allows an attacker to retrieve the session details of an authenticated user. Published: 2024-04-30T09:33:46.193Z Updated: 2024-09-03T18:16:53.294Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-adive-framework	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-4336`	vulnerable	2026-06-03 14:57:15.243870	Múltiple vulnerabilities on Adive Framework HIGH (7.6) Adive Framework 2.0.8, does not sufficiently encode user-controlled inputs, resulting in a persistent Cross-Site Scripting (XSS) vulnerability via the /adive/admin/tables/add, in multiple parameters. An attacker could retrieve the session details of an authenticated user. Published: 2024-04-30T09:34:16.165Z Updated: 2024-08-15T14:58:57.161Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-adive-framework	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-7991`	vulnerable	2026-06-03 14:43:07.814981	Details available Adive Framework 2.0.8 has admin/config CSRF to change the Administrator password. Published: 2020-01-26T21:22:48.000Z Updated: 2024-08-04T09:48:24.523Z Open on db.gcve.eu Reference links https://www.exploit-db.com/exploits/47946 https://github.com/ferdinandmartin/adive-php7/blob/master/README.md http://packetstormsecurity.com/files/156106/Adive-Framework-2.0.8-Cross-Site-Request-Forgery.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-7990`	vulnerable	2026-06-03 14:43:07.814649	Details available Adive Framework 2.0.8 has admin/user/add userName XSS. Published: 2020-01-26T21:22:58.000Z Updated: 2024-08-04T09:48:24.951Z Open on db.gcve.eu Reference links https://www.exploit-db.com/exploits/47946 https://github.com/ferdinandmartin/adive-php7/blob/master/README.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-7989`	vulnerable	2026-06-03 14:43:07.814251	Details available Adive Framework 2.0.8 has admin/user/add userUsername XSS. Published: 2020-01-26T21:23:08.000Z Updated: 2024-08-04T09:48:24.976Z Open on db.gcve.eu Reference links https://www.exploit-db.com/exploits/47946 https://github.com/ferdinandmartin/adive-php7/blob/master/README.md	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.