Vulnerabilities > Agentejo

DATE CVE VULNERABILITY TITLE RISK
2023-09-08 CVE-2023-41564 Unrestricted Upload of File with Dangerous Type vulnerability in Agentejo Cockpit 2.6.3
An arbitrary file upload vulnerability in the Upload Asset function of Cockpit CMS v2.6.3 allows attackers to execute arbitrary code via uploading a crafted .shtml file.
network
low complexity
agentejo CWE-434
6.1
2023-08-20 CVE-2023-4451 Cross-site Scripting vulnerability in Agentejo Cockpit
Cross-site Scripting (XSS) - Reflected in GitHub repository cockpit-hq/cockpit prior to 2.6.4.
network
low complexity
agentejo CWE-79
6.1
2023-08-19 CVE-2023-4432 Cross-site Scripting vulnerability in Agentejo Cockpit
Cross-site Scripting (XSS) - Reflected in GitHub repository cockpit-hq/cockpit prior to 2.6.4.
network
low complexity
agentejo CWE-79
6.1
2023-08-19 CVE-2023-4433 Cross-site Scripting vulnerability in Agentejo Cockpit
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4.
network
low complexity
agentejo CWE-79
5.4
2023-08-18 CVE-2023-4422 Cross-site Scripting vulnerability in Agentejo Cockpit
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.3.
network
low complexity
agentejo CWE-79
4.8
2023-08-17 CVE-2023-4395 Cross-site Scripting vulnerability in Agentejo Cockpit
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4.
network
low complexity
agentejo CWE-79
5.4
2023-08-14 CVE-2023-4321 Cross-site Scripting vulnerability in Agentejo Cockpit
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.4.3.
network
low complexity
agentejo CWE-79
6.1
2023-08-06 CVE-2023-4195 PHP Remote File Inclusion vulnerability in Agentejo Cockpit
PHP Remote File Inclusion in GitHub repository cockpit-hq/cockpit prior to 2.6.3.
network
low complexity
agentejo CWE-98
8.8
2023-08-06 CVE-2023-4196 Cross-site Scripting vulnerability in Agentejo Cockpit
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.3.
network
low complexity
agentejo CWE-79
5.4
2023-07-20 CVE-2023-37649 Unspecified vulnerability in Agentejo Cockpit
Incorrect access control in the component /models/Content of Cockpit CMS v2.5.2 allows unauthorized attackers to access sensitive data.
network
low complexity
agentejo
7.5