Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-audit vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2021-3130
Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets, Windows passwords, and SNMP strings from users using HTML 'password field' obfuscation. By using Developer tools or similar, it is possible to change the obfuscation so that the ...
Opmantek Open-audit
1 Github repository
355
VMScore
CVE-2018-10314
Cross-site scripting (XSS) vulnerability in Open-AudIT Community 2.2.0 allows remote malicious users to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the action parameter in the Discover -> Audit Scripts -> List Scripts -> Down...
Opmantek Open-audit 2.2.0
1 EDB exploit
312
VMScore
CVE-2018-16607
Cross-site scripting (XSS) vulnerability in the Orgs Page in Open-AudIT Professional edition in 2.2.7 allows remote malicious users to inject arbitrary web script via the Orgs name field.
Opmantek Open-audit 2.2.7
356
VMScore
CVE-2021-44674
An information exposure issue has been discovered in Opmantek Open-AudIT 4.2.0. The vulnerability allows an authenticated malicious user to read file outside of the restricted directory.
Opmantek Open-audit 4.2.0
578
VMScore
CVE-2020-11941
An issue exists in Open-AudIT 3.2.2. There is OS Command injection in Discovery.
Opmantek Open-audit 3.2.2
668
VMScore
CVE-2020-11942
An issue exists in Open-AudIT 3.2.2. There are Multiple SQL Injections.
Opmantek Open-audit 3.2.2
578
VMScore
CVE-2020-11943
An issue exists in Open-AudIT 3.2.2. There is Arbitrary file upload.
Opmantek Open-audit 3.2.2
802
VMScore
CVE-2020-12078
An issue exists in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings (internally called exclude_ip). This exclude_ip value is ...
Opmantek Open-audit 3.3.1
2 Github repositories
312
VMScore
CVE-2020-12261
Open-AudIT 3.3.0 allows an XSS attack after login.
Opmantek Open-audit 3.3.0
383
VMScore
CVE-2021-3333
Opmantek Open-AudIT 4.0.1 is affected by cross-site scripting (XSS). When outputting SQL statements for debugging, a maliciously crafted query can trigger an XSS attack. This attack only succeeds if the user is already logged in to Open-AudIT before they click the malicious link.
Opmantek Open-audit 4.0.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »