Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
snipeitapp snipe-it - vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-1380
Stored Cross Site Scripting vulnerability in Item name parameter in GitHub repository snipe/snipe-it prior to v5.4.3. The vulnerability is capable of stolen the user Cookie.
Snipeitapp Snipe-it
5.4
CVSSv3
CVE-2022-1445
Stored Cross Site Scripting vulnerability in the checked_out_to parameter in GitHub repository snipe/snipe-it before 5.4.3. The vulnerability is capable of stolen the user Cookie.
Snipeitapp Snipe-it
7.2
CVSSv3
CVE-2021-4075
snipe-it is vulnerable to Server-Side Request Forgery (SSRF)
Snipeitapp Snipe-it -
8
CVSSv3
CVE-2022-2997
Session Fixation in GitHub repository snipe/snipe-it before 6.0.10.
Snipeitapp Snipe-it
8.8
CVSSv3
CVE-2022-0611
Missing Authorization in Packagist snipe/snipe-it before 5.3.11.
Snipeitapp Snipe-it
5.3
CVSSv3
CVE-2022-44381
Snipe-IT up to and including 6.0.14 allows malicious users to check whether a user account exists because of response variations in a /password/reset request.
Snipeitapp Snipe-it
4.3
CVSSv3
CVE-2022-3173
Improper Authentication in GitHub repository snipe/snipe-it before 6.0.10.
Snipeitapp Snipe-it
6.5
CVSSv3
CVE-2022-1511
Missing Authorization in GitHub repository snipe/snipe-it before 5.4.4.
Snipeitapp Snipe-it
6.1
CVSSv3
CVE-2019-10118
Snipe-IT prior to 4.6.14 has XSS, as demonstrated by log_meta values and the user's last name in the API.
Snipeitapp Snipe-it
4.8
CVSSv3
CVE-2022-3035
Cross-site Scripting (XSS) - Stored in GitHub repository snipe/snipe-it prior to v6.0.11.
Snipeitapp Snipe-it
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »