Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
request tracker vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2012-4732
Cross-site request forgery (CSRF) vulnerability in Request Tracker (RT) 3.8.12 and other versions prior to 3.8.15, and 4.0.6 and other versions prior to 4.0.8, allows remote malicious users to hijack the authentication of users for requests that toggle ticket bookmarks.
Bestpractical Rt 3.8.14
Bestpractical Rt 3.8.13
Bestpractical Rt 3.8.12
Bestpractical Rt 4.0.6
Bestpractical Rt 4.0.7
Bestpractical Rt 4.0.8
5
CVSSv2
CVE-2012-4734
Request Tracker (RT) 3.8.x prior to 3.8.15 and 4.0.x prior to 4.0.8 allows remote malicious users to conduct a "confused deputy" attack to bypass the CSRF warning protection mechanism and cause victims to "modify arbitrary state" via unknown vectors related to...
Bestpractical Rt 3.8.9
Bestpractical Rt 3.8.0
Bestpractical Rt 3.8.1
Bestpractical Rt 3.8.4
Bestpractical Rt 3.8.7
Bestpractical Rt 3.8.8
Bestpractical Rt 3.8.2
Bestpractical Rt 3.8.6
Bestpractical Rt 3.8.10
Bestpractical Rt 4.0.4
Bestpractical Rt 4.0.5
Bestpractical Rt 4.0.0
Bestpractical Rt 4.0.7
Bestpractical Rt 4.0.1
Bestpractical Rt 3.8.14
Bestpractical Rt 3.8.11
Bestpractical Rt 4.0.3
Bestpractical Rt 3.8.3
Bestpractical Rt 3.8.13
Bestpractical Rt 4.0.6
Bestpractical Rt 4.0.2
Bestpractical Rt 3.8.5
5
CVSSv2
CVE-2019-9187
ikiwiki prior to 3.20170111.1 and 3.2018x and 3.2019x prior to 3.20190228 allows SSRF via the aggregate plugin. The impact also includes reading local files via file: URIs.
Ikiwiki Ikiwiki 3.20180228
Ikiwiki Ikiwiki 3.20180105
Ikiwiki Ikiwiki
Ikiwiki Ikiwiki 3.20180311
NA
CVE-2022-2199
The main MiCODUS MV720 GPS tracker web server has a reflected cross-site scripting vulnerability that could allow an malicious user to gain control by tricking a user into making a request.
Micodus Mv720 Firmware -
1 Article
4.3
CVSSv2
CVE-2011-2083
Multiple cross-site scripting (XSS) vulnerabilities in Best Practical Solutions RT 3.x prior to 3.8.12 and 4.x prior to 4.0.6 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Bestpractical Rt 3.6.2
Bestpractical Rt 3.6.0
Bestpractical Rt 3.4.0
Bestpractical Rt 3.2.2
Bestpractical Rt 3.2.3
Bestpractical Rt 3.2.0
Bestpractical Rt 3.4.6
Bestpractical Rt 3.4.5
Bestpractical Rt 3.4.3
Bestpractical Rt 3.4.2
Bestpractical Rt 3.1.2
Bestpractical Rt 3.1.10
Bestpractical Rt 3.1.17
Bestpractical Rt 3.0.10
Bestpractical Rt 3.0.4
Bestpractical Rt 3.0.5
Bestpractical Rt 3.0.6
Bestpractical Rt 3.0.1
Bestpractical Rt 3.2.1
Bestpractical Rt 3.7.86
Bestpractical Rt 3.7.5
Bestpractical Rt 3.6.4
4
CVSSv2
CVE-2011-2084
Best Practical Solutions RT 3.x prior to 3.8.12 and 4.x prior to 4.0.6 allows remote authenticated users to read (1) hashes of former passwords and (2) ticket correspondence history by leveraging access to a privileged account.
Bestpractical Rt 3.6.1
Bestpractical Rt 3.5.7
Bestpractical Rt 3.5.6
Bestpractical Rt 3.6.0
Bestpractical Rt 3.6.2
Bestpractical Rt 3.2.2
Bestpractical Rt 3.2.3
Bestpractical Rt 3.2.0
Bestpractical Rt 3.5.4
Bestpractical Rt 3.5.5
Bestpractical Rt 3.4.6
Bestpractical Rt 3.4.0
Bestpractical Rt 3.2.1
Bestpractical Rt 3.6.10
Bestpractical Rt 3.5.2
Bestpractical Rt 3.4.5
Bestpractical Rt 3.4.4
Bestpractical Rt 3.0.11
Bestpractical Rt 3.1.3
Bestpractical Rt 3.1.6
Bestpractical Rt 3.1.16
Bestpractical Rt 3.1.13
6.8
CVSSv2
CVE-2011-2085
Multiple cross-site request forgery (CSRF) vulnerabilities in Best Practical Solutions RT prior to 3.8.12 and 4.x prior to 4.0.6 allow remote malicious users to hijack the authentication of arbitrary users.
Bestpractical Rt 3.8.7
Bestpractical Rt 3.5.5
Bestpractical Rt 3.0.4
Bestpractical Rt 3.2.1
Bestpractical Rt 2.0.7
Bestpractical Rt 3.6.0
Bestpractical Rt 3.8.9
Bestpractical Rt 3.4.0
Bestpractical Rt 3.0.8
Bestpractical Rt 3.4.2
Bestpractical Rt 3.6.4
Bestpractical Rt 3.8.8
Bestpractical Rt 3.2.0
Bestpractical Rt 3.1.2
Bestpractical Rt 3.6.6
Bestpractical Rt 2.0.6
Bestpractical Rt 3.4.5
Bestpractical Rt 3.0.2
Bestpractical Rt 2.0.14
Bestpractical Rt 3.5.4
Bestpractical Rt 3.6.7
Bestpractical Rt 3.0.10
3.5
CVSSv2
CVE-2011-4459
Best Practical Solutions RT 3.x prior to 3.8.12 and 4.x prior to 4.0.6 does not properly disable groups, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging a group membership.
Bestpractical Rt 3.6.1
Bestpractical Rt 3.6.2
Bestpractical Rt 3.6.0
Bestpractical Rt 3.4.0
Bestpractical Rt 3.2.2
Bestpractical Rt 3.2.0
Bestpractical Rt 3.4.6
Bestpractical Rt 3.4.3
Bestpractical Rt 3.0.10
Bestpractical Rt 3.1.2
Bestpractical Rt 3.1.7
Bestpractical Rt 3.1.17
Bestpractical Rt 3.1.12
Bestpractical Rt 3.0.4
Bestpractical Rt 3.4.4
Bestpractical Rt 3.4.5
Bestpractical Rt 3.2.1
Bestpractical Rt 3.7.85
Bestpractical Rt 3.6.8
Bestpractical Rt 3.7.86
Bestpractical Rt 3.6.6
Bestpractical Rt 3.6.4
6.5
CVSSv2
CVE-2011-4460
SQL injection vulnerability in Best Practical Solutions RT 2.x and 3.x prior to 3.8.12 and 4.x prior to 4.0.6 allows remote authenticated users to execute arbitrary SQL commands by leveraging access to a privileged account.
Bestpractical Rt 2.0.5.1
Bestpractical Rt 2.0.5.3
Bestpractical Rt 2.0.1
Bestpractical Rt 2.0.2
Bestpractical Rt 3.6.2
Bestpractical Rt 3.6.0
Bestpractical Rt 3.5.3
Bestpractical Rt 3.4.0
Bestpractical Rt 3.4.6
Bestpractical Rt 3.2.1
Bestpractical Rt 3.2.0
Bestpractical Rt 3.4.5
Bestpractical Rt 3.4.2
Bestpractical Rt 3.1.4
Bestpractical Rt 3.1.3
Bestpractical Rt 3.1.15
Bestpractical Rt 3.1.16
Bestpractical Rt 3.0.6
Bestpractical Rt 3.0.7
Bestpractical Rt 3.0.10
Bestpractical Rt 3.0.9
Bestpractical Rt 3.0.7.1
4.3
CVSSv2
CVE-2011-0009
Best Practical Solutions RT 3.x prior to 3.8.9rc2 and 4.x prior to 4.0.0rc4 uses the MD5 algorithm for password hashes, which makes it easier for context-dependent malicious users to determine cleartext passwords via a brute-force attack on the database.
Bestpractical Rt 3.5.5
Bestpractical Rt 3.0.4
Bestpractical Rt 3.2.1
Bestpractical Rt 3.6.0
Bestpractical Rt 3.4.0
Bestpractical Rt 3.0.8
Bestpractical Rt 3.4.2
Bestpractical Rt 3.6.4
Bestpractical Rt 3.8.8
Bestpractical Rt 3.2.0
Bestpractical Rt 3.1.2
Bestpractical Rt 3.6.6
Bestpractical Rt 3.4.5
Bestpractical Rt 3.0.2
Bestpractical Rt 3.5.4
Bestpractical Rt 3.6.7
Bestpractical Rt 3.0.10
Bestpractical Rt 3.6.2
Bestpractical Rt 3.2.2
Bestpractical Rt 3.6.3
Bestpractical Rt 3.1.6
Bestpractical Rt 3.0.11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »