Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-30653

Malicious code in bioql PyPI...

5.8CVSS8AI score0.00731EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-38518

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00287EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/16 3:14 p.m.10 views

CVE-2025-24022

iTop is an web based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, server code execution is possible through the frontend of iTop's portal. This is fixed in versions 2.7.12, 3.1.3 and 3.2.1...

8.5CVSS7.3AI score0.00499EPSS
Exploits0References1
NVD
NVD
added 2025/05/14 3:15 p.m.16 views

CVE-2025-24022

iTop is an web based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, server code execution is possible through the frontend of iTop's portal. This is fixed in versions 2.7.12, 3.1.3 and 3.2.1...

8.5CVSS0.00499EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/05/14 2:57 p.m.12 views

CVE-2025-24022 iTop server vulnerable to portal code injection

iTop is an web based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, server code execution is possible through the frontend of iTop's portal. This is fixed in versions 2.7.12, 3.1.3 and 3.2.1...

8.5CVSS7.3AI score0.00499EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/05/14 2:48 p.m.14 views

CVE-2025-24021 iTop doesn't have mass assignment of fields in the portal form

iTop is an web based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, anyone with an account having portal access can set value to object fields when they're not supposed to. Versions 2.7.12, 3.1.3, and 3.2.1 contain a fix for the issue...

5CVSS6.9AI score0.00224EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/05 6:13 p.m.23 views

CVE-2024-51740 SSRF through arbitrary PHP class instantiation in the user portal in Combodo iTop

Combodo iTop is a simple, web based IT Service Management tool. This vulnerability can be used to create HTTP requests on behalf of the server, from a low privileged user. The user portal form manager has been fixed to only instantiate classes derived from it. This issue has been addressed in...

4.3CVSS0.00528EPSS
Exploits0References1
Rows per page
Query Builder