136 matches found
CVE-2019-10227
openITCOCKPIT before 3.7.1 has reflected XSS in the 404-not-found component...
Cross site scripting
openITCOCKPIT before 3.7.1 has reflected XSS in the 404-not-found component...
CVE-2019-10227
openITCOCKPIT before 3.7.1 has reflected XSS in the 404-not-found component...
CVE-2019-10227
openITCOCKPIT before 3.7.1 is affected by a reflected XSS in the 404-not-found component. The CVE details confirm the issue (XSS) and that a fixed version is 3.7.1. The vulnerability is non-authenticated per CVSS2/3.1 vectors, with impact to integrity. Publicly documented remediation is upgrading...
openITCOCKPIT Cross-Site Request Forgery Vulnerability
openITCOCKPIT is a set of open source system monitoring tools . A cross-site request forgery vulnerability exists in versions prior to openITCOCKPIT 3.7.1. An attacker can exploit this vulnerability to send unintended requests to the server via an affected client...
openITCOCKPIT Cross-Site Scripting Vulnerability
openITCOCKPIT is a set of open source system monitoring tools . openITCOCKPIT 3.7.1 before the version of the cross-site scripting vulnerability , the vulnerability stems from the lack of WEB applications on the client data to the correct validation , an attacker can exploit the vulnerability to...
openITCOCKPIT Code Injection Vulnerability
openITCOCKPIT is a set of open source system monitoring tools . A code injection vulnerability exists in versions of openITCOCKPIT prior to 3.7.1. The vulnerability arises from external input data to construct code segments in the process , the network system or product is not properly filtered f...
openITCOCKPIT 3.6.1-2 - Cross-Site Request Forgery Exploit
Exploit for php platform in category web applications Exploit Title: openITCOCKPIT 3.6.1-2 - CSRF 2 RCE Google Dork: N/A Exploit Author: Julian Rittweger Vendor Homepage: https://openitcockpit.io/ Software Link: https://github.com/it-novum/openITCOCKPIT/releases/tag/openITCOCKPIT-3.6.1-2 Fixed in...
openITCOCKPIT 3.6.1-2 - Cross-Site Request Forgery
openITCOCKPIT 3.6.1-2 - Cross-Site Request Forgery Exploit Title: openITCOCKPIT 3.6.1-2 - CSRF 2 RCE Google Dork: N/A Date: 26-08-2019 Exploit Author: Julian Rittweger Vendor Homepage: https://openitcockpit.io/ Software Link:...
openITCOCKPIT 3.6.1-2 Cross Site Request Forgery
Exploit Title: openITCOCKPIT 3.6.1-2 - CSRF 2 RCE Google Dork: N/A Date: 26-08-2019 Exploit Author: Julian Rittweger Vendor Homepage: https://openitcockpit.io/ Software Link: https://github.com/it-novum/openITCOCKPIT/releases/tag/openITCOCKPIT-3.6.1-2 Fixed in: 3.7.1 |...
openITCOCKPIT 3.6.1-2 - Cross-Site Request Forgery
Exploit Title: openITCOCKPIT 3.6.1-2 - CSRF 2 RCE Google Dork: N/A Date: 26-08-2019 Exploit Author: Julian Rittweger Vendor Homepage: https://openitcockpit.io/ Software Link: https://github.com/it-novum/openITCOCKPIT/releases/tag/openITCOCKPIT-3.6.1-2 Fixed in: 3.7.1 |...
CVE-2019-15493
openITCOCKPIT before 3.7.1 allows deletion of files, aka RVID 4-445b21...
CVE-2019-15490
openITCOCKPIT before 3.7.1 allows code injection, aka RVID 1-445b21...
CVE-2019-15492
openITCOCKPIT before 3.7.1 has reflected XSS, aka RVID 3-445b21...
CVE-2019-15491
openITCOCKPIT before 3.7.1 has CSRF, aka RVID 2-445b21...
CVE-2019-15494
openITCOCKPIT before 3.7.1 allows SSRF, aka RVID 5-445b21...
CVE-2019-15491
openITCOCKPIT before 3.7.1 has CSRF, aka RVID 2-445b21...
CVE-2019-15494
openITCOCKPIT before 3.7.1 allows SSRF, aka RVID 5-445b21...
CVE-2019-15490
openITCOCKPIT before 3.7.1 allows code injection, aka RVID 1-445b21...
CVE-2019-15492
openITCOCKPIT before 3.7.1 has reflected XSS, aka RVID 3-445b21...