4 matches found
CVE-2020-11943
An issue was discovered in Open-AudIT 3.2.2. There is Arbitrary file upload...
CVE-2020-11943
An issue was discovered in Open-AudIT 3.2.2. There is Arbitrary file upload...
CVE-2020-11943
An issue was discovered in Open-AudIT 3.2.2. There is Arbitrary file upload...
CVE-2020-11942
Open-AudIT 3.2.2 contains SQL injection in device scripts via unsanitized parameters system.class and system.discovery_id, enabling an attacker to modify or execute arbitrary SQL statements (e.g., via crafted requests to /devices). PoC shows TRUE/FALSE payloads returning different response sizes,...