Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
itop vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2020-15220
Combodo iTop is a web based IT Service Management tool. In iTop prior to 2.7.2 and 3.0.0, two cookies are created for the same session, which leads to a possibility to steal user session. This is fixed in versions 2.7.2 and 3.0.0.
Combodo Itop
Combodo Itop 3.0.0
445
VMScore
CVE-2020-12777
A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized malicious user to inject command and disclose system information.
Combodo Itop 3.0.0
Combodo Itop
383
VMScore
CVE-2020-12778
Combodo iTop does not validate inputted parameters, attackers can inject malicious commands and launch XSS attack.
Combodo Itop 3.0.0
Combodo Itop
605
VMScore
CVE-2020-12781
Combodo iTop contains a cross-site request forgery (CSRF) vulnerability, attackers can execute specific commands via malicious site request forgery.
Combodo Itop 3.0.0
Combodo Itop
356
VMScore
CVE-2020-4079
Combodo iTop is a web based IT Service Management tool. In iTop prior to 2.7.2 and 2.8.0, when the ajax endpoint for the "excel export" portal functionality is called directly it allows getting data without scope filtering. This allows a user to access data they which t...
Combodo Itop
Combodo Itop 2.7.3
383
VMScore
CVE-2021-41161
Combodo iTop is a web based IT Service Management tool. In versions before 3.0.0-beta6 the export CSV page don't properly escape the user supplied parameters, allowing for javascript injection into rendered csv files. Users are advised to upgrade. There are no known workarou...
Combodo Itop 3.0.0
Combodo Itop
460
VMScore
CVE-2011-4275
Multiple cross-site scripting (XSS) vulnerabilities in iTop (aka IT Operations Portal) 1.1.181 and 1.2.0-RC-282 allow remote malicious users to inject arbitrary web script or HTML via (1) a crafted company name, (2) a crafted database server name, (3) a crafted CSV file, (4) a cr...
Combodo Itop 1.1.181
Combodo Itop 1.2.0
6 EDB exploits
534
VMScore
CVE-2022-24140
IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot sends HTTP requests in their update procedure in order to download a config file. After downloading the config file, the products will parse the HTTP location of the updat...
Iobit Itop Screenshot -
Iobit Driver Booster 9
Iobit Itop Vpn 3.2
Iobit Itop Screen Recorder 2.1
Iobit Advanced System Care 15
NA
CVE-2022-39214
Combodo iTop is an open source, web-based IT service management platform. Prior to versions 2.7.8 and 3.0.2-1, a user who can log in on iTop is able to take over any account just by knowing the account's username. This issue is fixed in versions 2.7.8 and 3.0.2-1.
Combodo Itop
383
VMScore
CVE-2021-21407
Combodo iTop is an open source, web based IT Service Management tool. Prior to version 2.7.4, the CSRF token validation can be bypassed through iTop portal via a tricky browser procedure. The vulnerability is patched in version 2.7.4 and 3.0.0.
Combodo Itop
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »