Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

NVD
NVDadded 2026/03/21 4:16 p.m.3 views

CVE-2019-25582

i-doit CMDB 1.12 contains an arbitrary file download vulnerability that allows authenticated attackers to download sensitive files by manipulating the file parameter in index.php. Attackers can send GET requests to index.php with filemanager=image and supply arbitrary file paths like...

7.1CVSS0.0008EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2026/03/21 3:30 p.m.1 views

CVE-2019-25581 i-doit CMDB 1.12 SQL Injection via objGroupID Parameter

i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the objGroupID parameter. Attackers can send GET requests with crafted SQL payloads in the objGroupID parameter to extract sensitive...

8.8CVSS6.2AI score0.00254EPSS
Exploits1References4
Cvelist
Cvelistadded 2026/03/21 3:30 p.m.24 views

CVE-2019-25581 i-doit CMDB 1.12 SQL Injection via objGroupID Parameter

i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the objGroupID parameter. Attackers can send GET requests with crafted SQL payloads in the objGroupID parameter to extract sensitive...

8.8CVSS0.00254EPSS
Exploits1References4
ATTACKERKB
ATTACKERKBadded 2026/03/21 3:30 p.m.3 views

CVE-2019-25581

i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the objGroupID parameter. Attackers can send GET requests with crafted SQL payloads in the objGroupID parameter to extract sensitive...

8.8CVSS6.2AI score0.00254EPSS
Exploits1References4Affected Software1
CNNVD
CNNVDadded 2026/03/21 12:0 a.m.3 views

i-doit CMDB SQL注入漏洞

i-doit CMDB is a enterprise-level IT documentation and configuration management database solution developed by the German company i-doit. Version 1.12 of i-doit CMDB contains a SQL injection vulnerability. This vulnerability stems from the objGroupID parameter, which allows for SQL injections,...

8.8CVSS6.1AI score0.00254EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2026/02/03 10:1 p.m.1 views

CVE-2020-37078 i-doit Open Source CMDB 1.14.1 - Arbitrary File Deletion

i-doit Open Source CMDB 1.14.1 contains a file deletion vulnerability in the import module that allows authenticated attackers to delete arbitrary files by manipulating the deleteimport parameter. Attackers can send a POST request to the import module with a crafted filename to remove files from...

8.8CVSS5.5AI score0.00094EPSS
Exploits0References4
Rows per page
Query Builder