Lucene search
K

84 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:52 a.m.7 views

CVE-2020-10192

An issue was discovered in Munkireport before 5.3.0.3923. An unauthenticated actor can send a custom XSS payload through the /report/brokenclient endpoint. The payload will be executed by any authenticated users browsing the application. This concerns app/views/listings/default.php...

6.1CVSS6AI score0.00753EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-7860

Malware in sbrugna...

8.1CVSS8AI score0.00619EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-2651

Malware in sbrugna...

8.8CVSS8.6AI score0.01238EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-2652

Malware in sbrugna...

5.4CVSS5.6AI score0.00598EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.13 views

EUVD-2020-2653

Malware in sbrugna...

6.1CVSS6.3AI score0.00753EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-7861

Malware in sbrugna...

8.8CVSS8.6AI score0.01234EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-2968

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.01161EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-5333

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00936EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-5756

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.01161EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-5040

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.01262EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-2428

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.01262EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 5:0 p.m.8 views

CVE-2020-15885

A Cross-Site Scripting XSS vulnerability in the comment module before 4.0 for MunkiReport allows remote attackers to inject arbitrary web script or HTML by posting a new comment...

5.4CVSS5.7AI score0.00936EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 5:0 p.m.10 views

CVE-2020-15887

A SQL injection vulnerability in softwareupdatecontroller.php in the Software Update module before 1.6 for MunkiReport allows attackers to execute arbitrary SQL commands via the last URL parameter of the /module/softwareupdate/gettabdata/ endpoint...

8.8CVSS8.6AI score0.01262EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:52 p.m.8 views

CVE-2020-15882

A CSRF issue in manager/deletemachine/id in MunkiReport before 5.6.3 allows attackers to delete arbitrary machines from the MunkiReport database...

8.1CVSS7AI score0.00619EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:50 p.m.8 views

CVE-2020-10190

An issue was discovered in MunkiReport before 5.3.0. An authenticated user could achieve SQL Injection in app/models/tablequery.php by crafting a special payload on the /datatables/data endpoint...

8.8CVSS8AI score0.01238EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:15 p.m.6 views

CVE-2020-15886

A SQL injection vulnerability in reportdatacontroller.php in the reportdata module before 3.5 for MunkiReport allows attackers to execute arbitrary SQL commands via the req parameter of the /module/reportdata/ip endpoint...

8.8CVSS8.6AI score0.01262EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:14 p.m.6 views

CVE-2020-15884

A SQL injection vulnerability in TableQuery.php in MunkiReport before 5.6.3 allows attackers to execute arbitrary SQL commands via the order0dir field on POST requests to /datatables/data...

8.8CVSS8.6AI score0.01234EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:9 p.m.8 views

CVE-2020-10191

An issue was discovered in MunkiReport before 5.3.0. An authenticated actor can send a custom XSS payload through the /module/comment/save endpoint. The payload will be executed by any authenticated users browsing the application. This concerns app/controllers/client.php:detail...

5.4CVSS5.9AI score0.00598EPSS
Exploits1References1
OSV
OSV
added 2022/05/24 5:24 p.m.16 views

GHSA-VC4F-2G7F-PMQR MunkiReport Cross-Site Scripting (XSS) Filter Bypass On Comment

A Cross-Site Scripting XSS vulnerability in the comment module before 4.0 for MunkiReport allows remote attackers to inject arbitrary web script or HTML by posting a new comment...

5.4CVSS5.3AI score0.00936EPSS
Exploits0References7
OSV
OSV
added 2022/05/24 5:24 p.m.8 views

GHSA-4QGH-M9VP-48XP MunkiReport Software Update module is vulnerable to SQL injection

A SQL injection vulnerability in softwareupdatecontroller.php in the Software Update module before 1.6 for MunkiReport allows attackers to execute arbitrary SQL commands via the last URL parameter of the /module/softwareupdate/gettabdata/ endpoint...

8.8CVSS9.2AI score0.01262EPSS
Exploits0References6
Rows per page
Query Builder