Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 9:58 p.m.9 views

CVE-2022-24780

Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.6 and 3.0.0, users of the iTop user portal can send TWIG code to the server by forging specific http queries, and execute arbitrary code on the server using http server user privileges. This issue is fixed in version...

8.8CVSS7.4AI score0.05341EPSS
Exploits4References1
GithubExploit
GithubExploit
added 2022/09/02 7:46 a.m.532 views

Exploit for Code Injection in Combodo Itop

iTop RCE via SSTI - CVE-2022-24780 exploit iTop --debu...

8.8CVSS8.8AI score0.05341EPSS
Exploits4
0day.today
0day.today
added 2022/05/24 12:0 a.m.371 views

iTop Remote Command Execution Exploit

!/usr/bin/env ruby Exploit Title: iTop p...

8.8CVSS0.1AI score0.05341EPSS
Exploits4
OSV
OSV
added 2022/04/05 6:30 p.m.21 views

CVE-2022-24780 Code Injection in Combodo iTop

Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.6 and 3.0.0, users of the iTop user portal can send TWIG code to the server by forging specific http queries, and execute arbitrary code on the server using http server user privileges. This issue is fixed in version...

8.8CVSS8.7AI score0.05341EPSS
Exploits4References8
CVE
CVE
added 2022/04/05 6:30 p.m.124 views

CVE-2022-24780

CVE-2022-24780 affects Combodo iTop (web-based IT service management). In versions before 2.7.6 (and 3.0.0), the iTop portal accepts crafted HTTP queries that cause Twig template code to be executed on the server, enabling arbitrary code execution with the server user privileges. Root cause: temp...

8.8CVSS8.7AI score0.05341EPSS
Exploits4References6Affected Software1
Rows per page
Query Builder