Astra Linux - уязвимость в ansible

Ansible-playbook -k and Ansible CLI tools, all versions up to 2.8.4; all versions of 2.7.x up to 2.7.13; and all versions of 2.6.x up to 2.6.19. Prompt passwords should be expanded from templates, as these templates may contain special characters. Passwords should be wrapped to prevent triggering...

CVE-2025-48065

Combodo iTop is a web based IT service management tool. Versions prior to 2.7.13 and 3.2.2 are vulnerable to cross-site scripting when a field with an error contains malicious content. Versions 2.7.13 and 3.2.2 protect rendered HTML content...

CVE-2025-47286

Combodo iTop is a web based IT service management tool. In versions prior to 2.7.13 and 3.2.2, an administrator can, by editing the configuration of the iTop instance, execute code on the server. Versions 2.7.13 and 3.2.2 escape and check the config parameter before executing a command based on i...

CVE-2025-48065 Combodo iTop vulnerable to reflected XSS via objection edition form error

Combodo iTop is a web based IT service management tool. Versions prior to 2.7.13 and 3.2.2 are vulnerable to cross-site scripting when a field with an error contains malicious content. Versions 2.7.13 and 3.2.2 protect rendered HTML content...

CVE-2025-47932

Combodo iTop is a web based IT service management tool. Versions prior to 2.7.13 and 3.2.2 are vulnerable to cross-site scripting when a dashboard is rendered via an AJAX call. Versions 2.7.13 and 3.2.2 sanitize the var responsible for the attack...

CVE-2025-47932 Combodo iTop vulnerable to reflected XSS in ajax.render.php render_dashboard

Combodo iTop is a web based IT service management tool. Versions prior to 2.7.13 and 3.2.2 are vulnerable to cross-site scripting when a dashboard is rendered via an AJAX call. Versions 2.7.13 and 3.2.2 sanitize the var responsible for the attack...

CVE-2025-47286

Combodo iTop is a web based IT service management tool. In versions prior to 2.7.13 and 3.2.2, an administrator can, by editing the configuration of the iTop instance, execute code on the server. Versions 2.7.13 and 3.2.2 escape and check the config parameter before executing a command based on i...

CVE-2025-47773 Combodo iTop has XSS vulnerability in /pages/ajax.render.php

Combodo iTop is a web based IT service management tool. Versions prior to 2.7.13 and 3.2.2 are vulnerable to cross-site scripting when a dashboard is edited via an AJAX call. Versions 2.7.13 and 3.2.2 protect rendered HTML content...

EUVD-2025-50807

Combodo iTop is a web based IT service management tool. Versions prior to 2.7.13 and 3.2.2 are vulnerable to cross-site scripting when a dashboard is edited via an AJAX call. Versions 2.7.13 and 3.2.2 protect rendered HTML content...

CVE-2025-47286

Combodo iTop is affected by CVE-2025-47286 in versions prior to 2.7.13 and 3.2.2, where an administrator can execute server code by editing the iTop configuration. Versions 2.7.13 and 3.2.2 introduce checks/escaping of the config parameter before command execution. Affected component: iTop config...

PT-2025-46194

Name of the Vulnerable Software and Affected Versions Combodo iTop versions prior to 2.7.13 Combodo iTop versions prior to 3.2.2 Description Combodo iTop, a web-based IT service management tool, is susceptible to cross-site scripting. This occurs when a field displaying an error contains maliciou...

PT-2025-46182

Name of the Vulnerable Software and Affected Versions Combodo iTop versions prior to 2.7.13 Combodo iTop versions prior to 3.2.2 Description Combodo iTop is a web-based IT service management tool. An administrator can execute code on the server by editing the configuration of the iTop instance in...

PT-2025-46184

Name of the Vulnerable Software and Affected Versions Combodo iTop versions prior to 2.7.13 Combodo iTop versions prior to 3.2.2 Description Combodo iTop, a web-based IT service management tool, is susceptible to cross-site scripting when a dashboard is edited through an AJAX call. This allows fo...

Combodo iTop 跨站脚本漏洞

Combodo iTop is a set of open source web applications developed by Combodo France based on ITIL and used for the daily operation of IT environments. The program provides incident management, configuration management and problem management. A cross-site scripting vulnerability exists in Combodo iT...

Combodo iTop 跨站脚本漏洞

Combodo iTop is a set of open source web applications developed by Combodo France based on ITIL and used for the daily operation of IT environments. The program provides incident management, configuration management and problem management. A cross-site scripting vulnerability exists in Combodo iT...

Combodo iTop 跨站脚本漏洞

Combodo iTop is a set of open source web applications developed by Combodo France based on ITIL and used for the daily operation of IT environments. The program provides incident management, configuration management and problem management. A cross-site scripting vulnerability exists in Combodo iT...

EUVD-2025-19262

Malicious code in bioql PyPI...

CVE-2025-32689

Improper Validation of Specified Quantity in Input vulnerability in Convers Lab WP SmartPay smartpay.This issue affects WP SmartPay: from n/a through = 2.8.2...

CVE-2025-32689 WordPress Download Manager and Payment Form plugin <= 2.8.2 - Price Manipulation vulnerability

Improper Validation of Specified Quantity in Input vulnerability in Convers Lab WP SmartPay smartpay.This issue affects WP SmartPay: from n/a through = 2.8.2...

PT-2025-36757

Name of the Vulnerable Software and Affected Versions: WP SmartPay versions n/a through 2.7.13 Description: An improper validation of the specified quantity in input exists in ThemesGrove WP SmartPay. Recommendations: Update WP SmartPay to a version later than 2.7.13...