Agentejo Cockpit 0.10.2 - Cross-Site Scripting

Agentejo Cockpit 0.10.2 contains a reflected cross-site scripting vulnerability due to insufficient sanitization of the to parameter in the /auth/login route, which allows for injection of arbitrary JavaScript code into a web page's content. id: CVE-2020-14408 info: name: Agentejo Cockpit 0.10.2 ...

Cockpit - Cross-Site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository cockpit-hq/cockpit prior to 2.6.4. id: CVE-2023-4451 info: name: Cockpit - Cross-Site Scripting author: iamnoooob,pdresearch severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository cockpit-hq/cockpit prior...

Agentejo Cockpit < 0.11.2 - NoSQL Injection

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function. The $eq operator matches documents where the value of a field equals the specified value. id: CVE-2020-35846 info: name: Agentejo Cockpit 0.11.2 - NoSQL Injection author: dwisiswant0 severity: critic...

Agentejo Cockpit <0.12.0 - NoSQL Injection

Agentejo Cockpit prior to 0.12.0 is vulnerable to NoSQL Injection via the newpassword method of the Auth controller, which is responsible for displaying the user password reset form. id: CVE-2020-35848 info: name: Agentejo Cockpit 0.12.0 - NoSQL Injection author: dwisiswant0 severity: critical...

Agentejo Cockpit <0.11.2 - NoSQL Injection

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function of the Auth controller. id: CVE-2020-35847 info: name: Agentejo Cockpit 0.11.2 - NoSQL Injection author: dwisiswant0 severity: critical description: | Agentejo Cockpit before 0.11.2 allows NoS...

Exploit for SQL Injection in Agentejo Cockpit

Synthetic Test Case: CVE-2020-35846 CWE: CWE-89 Origi...

EUVD-2018-7416

Malware in sbrugna...

EUVD-2020-6547

Malware in sbrugna...

EUVD-2018-7415

Malware in sbrugna...

EUVD-2018-7414

Malware in sbrugna...

EUVD-2024-1810

Malicious code in bioql PyPI...

CVE-2020-35847

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function...

CVE-2020-35846

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function...

CVE-2020-14408

An issue was discovered in Agentejo Cockpit 0.10.2. Insufficient sanitization of the to parameter in the /auth/login route allows for injection of arbitrary JavaScript code into a web page's content, creating a Reflected XSS attack vector...

CVE-2020-35848

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php newpassword function...

GHSA-VPJ8-XFQC-JCV9 Cockpit CMS contains an arbitrary file upload vulenrability

A vulnerability has been discovered in Agentejo Cockpit CMS v0.5.5 that consists in an arbitrary file upload in ‘/media/api’ parameter via post request. An attacker could upload files to the server, compromising the entire infrastructure...

Cockpit CMS contains an arbitrary file upload vulenrability

A vulnerability has been discovered in Agentejo Cockpit CMS v0.5.5 that consists in an arbitrary file upload in ‘/media/api’ parameter via post request. An attacker could upload files to the server, compromising the entire infrastructure...

CVE-2024-4825

A vulnerability has been discovered in Agentejo Cockpit CMS v0.5.5 that consists in an arbitrary file upload in ‘/media/api’ parameter via post request. An attacker could upload files to the server, compromising the entire infrastructure...

CVE-2024-4825

A vulnerability has been discovered in Agentejo Cockpit CMS v0.5.5 that consists in an arbitrary file upload in ‘/media/api’ parameter via post request. An attacker could upload files to the server, compromising the entire infrastructure...

Agentejo Cockpit 代码问题漏洞

Agentejo Cockpit is a management system for managing structured content on websites from Agentejo, Germany. A code issue exists in Agentejo Cockpit CMS version v0.5.5, which originates from an unlimited file upload from /media/api...