Lucene search
+L

208 matches found

Cvelist
Cvelist
added 2021/01/20 3:45 p.m.33 views

CVE-2021-3130

Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets, Windows passwords, and SNMP strings from users using HTML 'password field' obfuscation. By using Developer tools or similar, it is possible to change the obfuscation so that the credentials are visible...

6AI score0.01316EPSS
Exploits0References2
CVE
CVE
added 2021/01/20 3:45 p.m.76 views

CVE-2021-3130

The CVE-2021-3130 issue affects Open-AudIT up to version 3.5.3, where the web interface uses HTML password-field obfuscation to hide SSH secrets, Windows passwords, and SNMP strings. The vulnerability arises because credentials can be revealed by altering obfuscation through developer tools or si...

5.9CVSS5.7AI score0.01316EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/01/20 12:0 a.m.8 views

Opmantek Open-AudIT Security Vulnerability

Opmantek Open-AudIT is an open source network discovery and auditing program from Opmantek USA. The program intelligently scans networks and network devices and provides status reports. A security vulnerability exists in Open-AudIT up to version 3.5.3, which originates from the web interface usin...

5.9CVSS6.2AI score0.01316EPSS
Exploits0References3
Check Point Advisories
Check Point Advisories
added 2020/07/23 12:0 a.m.23 views

Opmantek Open-AudIT m_discoveries.php Command Injection (CVE-2020-11941)

A command injection vulnerability exists in Open-AudIT. The vulnerability is due to insufficient input validation in mdiscoveries.php...

6.5CVSS3.1AI score0.04558EPSS
Exploits1
GithubExploit
GithubExploit
added 2020/06/02 5:44 p.m.114 views

Exploit for OS Command Injection in Opmantek Open-Audit

CVE-2020-12078 The offi...

9CVSS9.1AI score0.09999EPSS
Exploits3
0day.today
0day.today
added 2020/05/26 12:0 a.m.41 views

Open-AudIT 3.3.0 - Reflective Cross-Site Scripting (Authenticated) Vulnerability

Exploit for php platform in category web applications Exploit Title: Open-AudIT 3.3.0 - Reflective Cross-Site Scripting Authenticated Exploit Author: Kamaljeet Kumar Vendor Homepage: https://opmantek.com/network-discovery-inventory-software/ Software Link: https://www.open-audit.org/downloads.php...

5.9AI score0.02587EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/05/26 12:0 a.m.274 views

Open-AudIT 3.3.0 - Reflective Cross-Site Scripting (Authenticated)

Exploit Title: Open-AudIT 3.3.0 - Reflective Cross-Site Scripting Authenticated Date: 2020-04-26 Exploit Author: Kamaljeet Kumar Vendor Homepage: https://opmantek.com/network-discovery-inventory-software/ Software Link: https://www.open-audit.org/downloads.php Version: 3.3.0 CVE : CVE-2020-12261...

5.4CVSS6AI score0.02587EPSS
Exploits4
CNVD
CNVD
added 2020/04/30 12:0 a.m.4 views

Opmantek Open-AudIT SQL Injection Vulnerability

Opmantek Open-AudIT is an open source network discovery and auditing program from Opmantek USA. The program intelligently scans networks and network devices and provides status reports. A security vulnerability exists in Opmantek Open-AudIT version 3.2.2. An attacker can exploit the vulnerability...

9.8CVSS7.1AI score0.01237EPSS
Exploits1
CNVD
CNVD
added 2020/04/30 12:0 a.m.3 views

Opmantek Open-AudIT Code Issue Vulnerability

Opmantek Open-AudIT is an open source network discovery and auditing program from Opmantek USA. The program intelligently scans networks and network devices and provides status reports. A code issue vulnerability exists in Opmantek Open-AudIT version 3.2.2. An attacker can exploit the vulnerabili...

8.8CVSS7.4AI score0.23901EPSS
Exploits1
0day.today
0day.today
added 2020/04/30 12:0 a.m.62 views

Open-AudIT Professional 3.3.1 - Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: Open-AudIT Professional 3.3.1 - Remote Code Execution Exploit Author: Askar CVE: CVE-2020-8813 Vendor Homepage: https://opmantek.com/ Version: v3.3.1 Tested on: Ubuntu 18.04 / PHP 7.2.24 !/usr/bin/python3 import requests import...

9.3CVSS0.2AI score0.73779EPSS
Exploits24
NVD
NVD
added 2020/04/29 10:15 p.m.17 views

CVE-2020-11943

An issue was discovered in Open-AudIT 3.2.2. There is Arbitrary file upload...

8.8CVSS8.7AI score0.23901EPSS
Exploits1References2
NVD
NVD
added 2020/04/29 10:15 p.m.14 views

CVE-2020-11942

An issue was discovered in Open-AudIT 3.2.2. There are Multiple SQL Injections...

9.8CVSS9.7AI score0.01237EPSS
Exploits1References2
OSV
OSV
added 2020/04/29 10:15 p.m.11 views

CVE-2020-11943

An issue was discovered in Open-AudIT 3.2.2. There is Arbitrary file upload...

8.8CVSS6.9AI score
Exploits0References2
OSV
OSV
added 2020/04/29 10:15 p.m.14 views

CVE-2020-11942

An issue was discovered in Open-AudIT 3.2.2. There are Multiple SQL Injections...

9.8CVSS7.5AI score
Exploits0References2
Prion
Prion
added 2020/04/29 10:15 p.m.14 views

Design/Logic Flaw

An issue was discovered in Open-AudIT 3.2.2. There is Arbitrary file upload...

6.5CVSS9AI score0.23901EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2020/04/29 10:15 p.m.14 views

Sql injection

An issue was discovered in Open-AudIT 3.2.2. There are Multiple SQL Injections...

7.5CVSS9.7AI score0.01237EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/04/29 9:17 p.m.19 views

CVE-2020-11943

An issue was discovered in Open-AudIT 3.2.2. There is Arbitrary file upload...

9.1AI score0.23901EPSS
Exploits1References2
CVE
CVE
added 2020/04/29 9:17 p.m.45 views

CVE-2020-11943

Open-AudIT 3.2.2 contains an arbitrary file upload vulnerability in the Add Image workflow. An authenticated attacker can upload a PHP file (simple-backdoor.php) via the image upload endpoint and access it to execute commands, as demonstrated by a PoC that places the backdoor under custom_images ...

8.8CVSS8.6AI score0.23901EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/04/29 9:16 p.m.47 views

CVE-2020-11942

Open-AudIT 3.2.2 contains SQL injection in device scripts via unsanitized parameters system.class and system.discovery_id, enabling an attacker to modify or execute arbitrary SQL statements (e.g., via crafted requests to /devices). PoC shows TRUE/FALSE payloads returning different response sizes,...

9.8CVSS9.7AI score0.01237EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/04/29 9:16 p.m.19 views

CVE-2020-11942

An issue was discovered in Open-AudIT 3.2.2. There are Multiple SQL Injections...

9.8AI score0.01237EPSS
Exploits1References2
Rows per page
Query Builder