Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
audit vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-11124
Cross-site scripting (XSS) vulnerability in Attributes functionality in Open-AudIT Community edition prior to 2.2.2 allows remote malicious users to inject arbitrary web script or HTML via a crafted attribute name of an Attribute.
Opmantek Open-audit
1 EDB exploit
8.8
CVSSv3
CVE-2020-11943
An issue exists in Open-AudIT 3.2.2. There is Arbitrary file upload.
Opmantek Open-audit 3.2.2
6.1
CVSSv3
CVE-2018-14493
Cross-site scripting (XSS) vulnerability in the Groups Page in Open-Audit Community 2.2.6 allows remote malicious users to inject arbitrary web script or HTML via the group name.
Opmantek Open-audit 2.2.6
1 EDB exploit
5.4
CVSSv3
CVE-2018-10314
Cross-site scripting (XSS) vulnerability in Open-AudIT Community 2.2.0 allows remote malicious users to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the action parameter in the Discover -> Audit Scripts -> List Scripts -> Down...
Opmantek Open-audit 2.2.0
1 EDB exploit
8.8
CVSSv3
CVE-2020-11941
An issue exists in Open-AudIT 3.2.2. There is OS Command injection in Discovery.
Opmantek Open-audit 3.2.2
8.8
CVSSv3
CVE-2020-12078
An issue exists in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings (internally called exclude_ip). This exclude_ip value is ...
Opmantek Open-audit 3.3.1
2 Github repositories
5.4
CVSSv3
CVE-2020-12261
Open-AudIT 3.3.0 allows an XSS attack after login.
Opmantek Open-audit 3.3.0
9.8
CVSSv3
CVE-2020-11942
An issue exists in Open-AudIT 3.2.2. There are Multiple SQL Injections.
Opmantek Open-audit 3.2.2
NA
CVE-2010-4449
Unspecified vulnerability in the Audit Vault component in Oracle Audit Vault 10.2.3.2 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not co...
Oracle Audit Vault 10.2.3.2
6.5
CVSSv3
CVE-2021-44674
An information exposure issue has been discovered in Opmantek Open-AudIT 4.2.0. The vulnerability allows an authenticated malicious user to read file outside of the restricted directory.
Opmantek Open-audit 4.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »