Open-audit Security Vulnerabilities and Issues — Open-audit CVE List

Lucene search

OpmantekOpen-audit

6 matches found

CVE•added 2020/02/22 2:15 a.m.•332 views

CVE-2020-8813

graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.

9.3CVSS8.8AI score0.94137EPSS

CVE•added 2020/04/28 10:15 p.m.•92 views

CVE-2020-12261

Open-AudIT 3.3.0 allows an XSS attack after login.

5.4CVSS5.3AI score0.00298EPSS

CVE•added 2020/04/27 5:15 p.m.•45 views

CVE-2020-11941

An issue was discovered in Open-AudIT 3.2.2. There is OS Command injection in Discovery.

8.8CVSS8.9AI score0.03955EPSS

CVE•added 2020/04/28 2:15 p.m.•41 views

CVE-2020-12078

An issue was discovered in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings (internally called exclude_ip). This exclude_ip value is passed to t...

9CVSS8.7AI score0.63674EPSS

CVE•added 2020/04/29 10:15 p.m.•34 views

CVE-2020-11942

An issue was discovered in Open-AudIT 3.2.2. There are Multiple SQL Injections.

9.8CVSS9.7AI score0.00394EPSS

CVE•added 2020/04/29 10:15 p.m.•32 views

CVE-2020-11943

An issue was discovered in Open-AudIT 3.2.2. There is Arbitrary file upload.

8.8CVSS8.6AI score0.03783EPSS