Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
i-doit i-doit - vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2014-1597
SQL injection vulnerability in the CMDB web application in synetics i-doit pro prior to 1.2.5 and i-doit open allows remote malicious users to execute arbitrary SQL commands via the objID parameter to the default URI.
I-doit I-doit
I-doit I-doit 1.0
I-doit I-doit 1.2.1
I-doit I-doit 1.1.1
I-doit I-doit -
I-doit I-doit 1.2.2
I-doit I-doit 1.1.2
I-doit I-doit 1.2.3
I-doit I-doit 1.0.2
1 EDB exploit
4.3
CVSSv2
CVE-2014-2231
Cross-site scripting (XSS) vulnerability in the API in synetics i-doit pro prior to 1.2.5 allows remote malicious users to inject arbitrary web script or HTML via a property title.
I-doit I-doit
I-doit I-doit 1.0
I-doit I-doit 1.2.1
I-doit I-doit 1.1.1
I-doit I-doit 1.2.2
I-doit I-doit 1.1.2
I-doit I-doit 1.2.3
I-doit I-doit 1.0.2
4.3
CVSSv2
CVE-2014-1237
Cross-site scripting (XSS) vulnerability in synetics i-doit pro prior to 1.2.4 allows remote malicious users to inject arbitrary web script or HTML via the call parameter.
I-doit I-doit 1.2.1
I-doit I-doit 1.1.1
I-doit I-doit 1.2.2
I-doit I-doit
I-doit I-doit 1.1.2
4.3
CVSSv2
CVE-2013-1413
Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit open 0.9.9-7, i-doit pro 1.0 and previous versions, and i-doit pro 1.0.2 when the 'sanitize user input' flag is not enabled, allow remote malicious users to inject arbitrary web script or HTML via un...
I-doit I-doit 0.9.9
I-doit I-doit
I-doit I-doit 1.0.2
7.5
CVSSv2
CVE-2019-1010248
Synetics GmbH I-doit 1.12 and previous versions is affected by: SQL Injection. The impact is: Unauthenticated mysql database access. The component is: Web login form. The attack vector is: An attacker can exploit the vulnerability by sending a malicious HTTP POST request. The fix...
I-doit I-doit
3.5
CVSSv2
CVE-2021-3151
i-doit prior to 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated malicious users to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MO...
I-doit I-doit
4.3
CVSSv2
CVE-2020-13825
A cross-site scripting (XSS) vulnerability in i-doit 1.14.2 allows remote malicious users to inject arbitrary web script or HTML via the viewMode, tvMode, tvType, objID, catgID, objTypeID, or editMode parameter.
I-doit I-doit
6.8
CVSSv2
CVE-2020-13826
A CSV injection (aka Excel Macro Injection or Formula Injection) issue in i-doit 1.14.2 allows an malicious user to execute arbitrary commands via a Title parameter that is mishandled in a CSV export.
I-doit I-doit
NA
CVE-2023-37739
i-doit Pro v25 and below exists to be vulnerable to path traversal.
I-doit I-doit
1 Github repository
NA
CVE-2023-46003
I-doit pro 25 and below is vulnerable to Cross Site Scripting (XSS) via index.php.
I-doit I-doit
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »