Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
agentejo cockpit - vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-14408
An issue exists in Agentejo Cockpit 0.10.2. Insufficient sanitization of the to parameter in the /auth/login route allows for injection of arbitrary JavaScript code into a web page's content, creating a Reflected XSS attack vector.
Agentejo Cockpit 0.10.2
6.1
CVSSv3
CVE-2018-15538
Agentejo Cockpit has multiple Cross-Site Scripting vulnerabilities.
Agentejo Cockpit -
5.5
CVSSv3
CVE-2023-1160
Use of Platform-Dependent Third Party Components in GitHub repository cockpit-hq/cockpit before 2.4.0.
Agentejo Cockpit
5.4
CVSSv3
CVE-2023-4433
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit before 2.6.4.
Agentejo Cockpit
5.4
CVSSv3
CVE-2023-4395
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit before 2.6.4.
Agentejo Cockpit
5.4
CVSSv3
CVE-2023-4196
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit before 2.6.3.
Agentejo Cockpit
5.4
CVSSv3
CVE-2023-0780
Improper Restriction of Rendered UI Layers or Frames in GitHub repository cockpit-hq/cockpit before 2.3.9-dev.
Agentejo Cockpit
4.8
CVSSv3
CVE-2023-4422
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit before 2.6.3.
Agentejo Cockpit
NA
CVE-2024-4825
A vulnerability has been discovered in Agentejo Cockpit CMS v0.5.5 that consists in an arbitrary file upload in ‘/media/api’ parameter via post request. An attacker could upload files to the server, compromising the entire infrastructure.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3