Vulnerabilities > Combodo

DATE CVE VULNERABILITY TITLE RISK
2024-11-05 CVE-2024-51740 Server-Side Request Forgery (SSRF) vulnerability in Combodo Itop
Combodo iTop is a simple, web based IT Service Management tool.
network
low complexity
combodo CWE-918
8.8
2024-11-05 CVE-2024-51739 Information Exposure Through Discrepancy vulnerability in Combodo Itop
Combodo iTop is a simple, web based IT Service Management tool.
network
low complexity
combodo CWE-203
5.3
2024-11-05 CVE-2023-34443 Cross-site Scripting vulnerability in Combodo Itop
Combodo iTop is a simple, web based IT Service Management tool.
network
low complexity
combodo CWE-79
6.1
2024-11-05 CVE-2023-34444 Cross-site Scripting vulnerability in Combodo Itop
Combodo iTop is a simple, web based IT Service Management tool.
network
low complexity
combodo CWE-79
6.1
2024-11-05 CVE-2023-34445 Cross-site Scripting vulnerability in Combodo Itop
Combodo iTop is a simple, web based IT Service Management tool.
network
low complexity
combodo CWE-79
6.1
2024-11-05 CVE-2024-31448 Cross-site Scripting vulnerability in Combodo Itop
Combodo iTop is a simple, web based IT Service Management tool.
network
low complexity
combodo CWE-79
6.1
2024-11-05 CVE-2024-31998 Cross-Site Request Forgery (CSRF) vulnerability in Combodo Itop
Combodo iTop is a simple, web based IT Service Management tool.
network
low complexity
combodo CWE-352
8.8
2024-11-05 CVE-2024-32870 Unspecified vulnerability in Combodo Itop
Combodo iTop is a simple, web based IT Service Management tool.
network
low complexity
combodo
5.8
2023-11-09 CVE-2023-47488 Cross-site Scripting vulnerability in Combodo Itop 3.1.0211973
Cross Site Scripting vulnerability in Combodo iTop v.3.1.0-2-11973 allows a local attacker to obtain sensitive information via a crafted script to the attrib_manager_id parameter in the General Information page and the id parameter in the contact page.
network
low complexity
combodo CWE-79
6.1
2023-11-09 CVE-2023-47489 Unspecified vulnerability in Combodo Itop 3.1.0211973
CSV injection in export as csv in Combodo iTop v.3.1.0-2-11973 allows a local attacker to execute arbitrary code via a crafted script to the export-v2.php and ajax.render.php components.
local
low complexity
combodo
7.8