Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
agentejo cockpit vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2818
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository cockpit-hq/cockpit before 2.2.2.
Agentejo Cockpit
NA
CVE-2023-4451
Cross-site Scripting (XSS) - Reflected in GitHub repository cockpit-hq/cockpit before 2.6.4.
Agentejo Cockpit
NA
CVE-2022-2713
Insufficient Session Expiration in GitHub repository cockpit-hq/cockpit before 2.2.0.
Agentejo Cockpit
NA
CVE-2021-32857
Cockpit is a content management system that allows addition of content management functionality to any site. In versions 0.12.2 and prior, bad HTML sanitization in `htmleditor.js` may lead to cross-site scripting (XSS) issues. There are no known patches for this issue.
Agentejo Cockpit
NA
CVE-2023-37649
Incorrect access control in the component /models/Content of Cockpit CMS v2.5.2 allows unauthorized malicious users to access sensitive data.
Agentejo Cockpit
NA
CVE-2023-37650
A Cross-Site Request Forgery (CSRF) in the Admin portal of Cockpit CMS v2.5.2 allows malicious users to execute arbitrary Administrator commands.
Agentejo Cockpit
668
VMScore
CVE-2020-35131
Cockpit prior to 0.6.1 allows an malicious user to inject custom PHP code and achieve Remote Command Execution via registerCriteriaFunction in lib/MongoLite/Database.php, as demonstrated by values in JSON data to the /auth/check or /auth/requestreset URI.
Agentejo Cockpit
605
VMScore
CVE-2018-15539
Agentejo Cockpit lacks an anti-CSRF protection mechanism. Thus, an attacker is able to change API tokens, passwords, etc.
Agentejo Cockpit -
668
VMScore
CVE-2018-15540
Agentejo Cockpit performs actions on files without appropriate validation and therefore allows an malicious user to traverse the file system to unintended locations and/or access arbitrary files, aka /media/api Directory Traversal.
Agentejo Cockpit -
NA
CVE-2023-1313
Unrestricted Upload of File with Dangerous Type in GitHub repository cockpit-hq/cockpit before 2.4.1.
Agentejo Cockpit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
remote code execution
CVE-2024-37080
CVE-2024-5182
CVE-2024-4390
CVE-2024-6100
brute force
CVE-2021-47581
file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »