Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CatchethqCatchet

3 matches found

CVE
CVEadded 2021/08/27 11:15 p.m.111 views

CVE-2021-39172

Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can exploit a new line injection in the configuration edition feature (e.g. mail settings) and gain arbitrary code execution on the server. This issue was addres...

8.8CVSS9AI score0.61066EPSS
CVE
CVEadded 2021/08/27 11:15 p.m.104 views

CVE-2021-39173

Cachet is an open source status page system. Prior to version 2.5.1 authenticated users, regardless of their privileges (User or Admin), can trick Cachet and install the instance again, leading to arbitrary code execution on the server. This issue was addressed in version 2.5.1 by improving the mid...

8.8CVSS8.8AI score0.01025EPSS
CVE
CVEadded 2021/08/28 12:15 a.m.87 views

CVE-2021-39174

Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can leak the value of any configuration entry of the dotenv file, e.g. the application secret (APP_KEY) and various passwords (email, database, etc). This issue ...

8.8CVSS8.4AI score0.45357EPSS