Open-audit Security Vulnerabilities and Issues — Open-audit CVE List

Lucene search

OpmantekOpen-audit

5 matches found

CVE•added 2020/04/28 10:15 p.m.•92 views

CVE-2020-12261

Open-AudIT 3.3.0 allows an XSS attack after login.

5.4CVSS5.3AI score0.00298EPSS

CVE•added 2020/04/27 5:15 p.m.•45 views

CVE-2020-11941

An issue was discovered in Open-AudIT 3.2.2. There is OS Command injection in Discovery.

8.8CVSS8.9AI score0.03955EPSS

CVE•added 2020/04/28 2:15 p.m.•41 views

CVE-2020-12078

An issue was discovered in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings (internally called exclude_ip). This exclude_ip value is passed to t...

9CVSS8.7AI score0.63674EPSS

CVE•added 2020/04/29 10:15 p.m.•34 views

CVE-2020-11942

An issue was discovered in Open-AudIT 3.2.2. There are Multiple SQL Injections.

9.8CVSS9.7AI score0.00394EPSS

CVE•added 2020/04/29 10:15 p.m.•32 views

CVE-2020-11943

An issue was discovered in Open-AudIT 3.2.2. There is Arbitrary file upload.

8.8CVSS8.6AI score0.03783EPSS