CVE-2019-25582 i-doit CMDB 1.12 Arbitrary File Download via file_manager Parameter

i-doit CMDB 1.12 contains an arbitrary file download vulnerability that allows authenticated attackers to download sensitive files by manipulating the file parameter in index.php. Attackers can send GET requests to index.php with filemanager=image and supply arbitrary file paths like...

CVE-2019-25582

i-doit CMDB 1.12 contains an arbitrary file download vulnerability that allows authenticated attackers to download sensitive files by manipulating the file parameter in index.php. Attackers can send GET requests to index.php with filemanager=image and supply arbitrary file paths like...

i-doit CMDB 代码问题漏洞

i-doit CMDB is a product of the German company i-doit. There is a code vulnerability in i-doit CMDB version 1.12. This vulnerability stems from the use of the file parameter, which allows arbitrary file downloads, potentially enabling authenticated attackers to download sensitive files...

PT-2026-26929

i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the objGroupID parameter. Attackers can send GET requests with crafted SQL payloads in the objGroupID parameter to extract sensitive...

i-doit Open Source CMDB 安全漏洞

i-doit Open Source CMDB is a configuration management database system developed by the German company i-doit. Version 1.14.1 of i-doit Open Source CMDB contains a security vulnerability. This vulnerability stems from a file deletion vulnerability in the deleteimport parameter of the import module...

EUVD-2014-1673

Malware in sbrugna...

EUVD-2013-1451

Malware in sbrugna...

EUVD-2021-26495

Malware in sbrugna...

EUVD-2019-16519

Malware in sbrugna...

EUVD-2020-6039

Malware in sbrugna...

EUVD-2014-2271

Malware in sbrugna...

EUVD-2014-1315

Malware in sbrugna...

EUVD-2020-6040

Malware in sbrugna...

EUVD-2023-41616

Malicious code in bioql PyPI...

EUVD-2023-50265

Malicious code in bioql PyPI...

EUVD-2023-41632

Malicious code in bioql PyPI...

EUVD-2023-38871

Malicious code in bioql PyPI...

CVE-2023-37739

i-doit Pro v25 and below was discovered to be vulnerable to path traversal...

CVE-2023-37755

i-doit pro 25 and below and I-doit open 25 and below are configured with insecure default administrator credentials, and there is no warning or prompt to ask users to change the default password and account name. Unauthenticated attackers can exploit this vulnerability to obtain Administrator...

CVE-2023-34830

i-doit Open v24 was discovered to contain a reflected cross-site scripting XSS vulnerability via the timeout parameter on the login page...