Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
agentejo cockpit vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-32857
Cockpit is a content management system that allows addition of content management functionality to any site. In versions 0.12.2 and prior, bad HTML sanitization in `htmleditor.js` may lead to cross-site scripting (XSS) issues. There are no known patches for this issue.
Agentejo Cockpit
9.8
CVSSv3
CVE-2020-35846
Agentejo Cockpit prior to 0.11.2 allows NoSQL injection via the Controller/Auth.php check function.
Agentejo Cockpit
4 Github repositories
9.8
CVSSv3
CVE-2022-2713
Insufficient Session Expiration in GitHub repository cockpit-hq/cockpit before 2.2.0.
Agentejo Cockpit
7.5
CVSSv3
CVE-2023-37649
Incorrect access control in the component /models/Content of Cockpit CMS v2.5.2 allows unauthorized malicious users to access sensitive data.
Agentejo Cockpit
8.8
CVSSv3
CVE-2023-37650
A Cross-Site Request Forgery (CSRF) in the Admin portal of Cockpit CMS v2.5.2 allows malicious users to execute arbitrary Administrator commands.
Agentejo Cockpit
8.8
CVSSv3
CVE-2023-4195
PHP Remote File Inclusion in GitHub repository cockpit-hq/cockpit before 2.6.3.
Agentejo Cockpit
5.4
CVSSv3
CVE-2023-4196
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit before 2.6.3.
Agentejo Cockpit
6.1
CVSSv3
CVE-2023-4451
Cross-site Scripting (XSS) - Reflected in GitHub repository cockpit-hq/cockpit before 2.6.4.
Agentejo Cockpit
8.8
CVSSv3
CVE-2023-1313
Unrestricted Upload of File with Dangerous Type in GitHub repository cockpit-hq/cockpit before 2.4.1.
Agentejo Cockpit
9.8
CVSSv3
CVE-2020-35847
Agentejo Cockpit prior to 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function.
Agentejo Cockpit
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »