Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Sickrage Security Vulnerabilities

cve
cve

CVE-2018-9160

SickRage before v2018.03.09-1 includes cleartext credentials in HTTP responses.

9.8CVSS

9.3AI Score

0.624EPSS

2018-03-31 09:29 PM
38
cve
cve

CVE-2021-25925

in SiCKRAGE, versions 4.2.0 to 10.0.11.dev1 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly when processed by the server. Therefore, an attacker can inject arbitrary JavaScript code inside the application, and possibly steal a user’s sensitive info...

5.4CVSS

5.4AI Score

0.001EPSS

2021-04-12 02:15 PM
47
cve
cve

CVE-2021-25926

In SiCKRAGE, versions 9.3.54.dev1 to 10.0.11.dev1 are vulnerable to Reflected Cross-Site-Scripting (XSS) due to user input not being validated properly in the quicksearch feature. Therefore, an attacker can steal a user's sessionID to masquerade as a victim user, to carry out any actions in the con...

6.1CVSS

6AI Score

0.001EPSS

2021-04-12 02:15 PM
48