Vulnerabilities > Combodo

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-13	CVE-2020-15221	Cross-site Scripting vulnerability in Combodo Itop Combodo iTop is a web based IT Service Management tool. network combodo CWE-79	3.5
2021-01-13	CVE-2020-15220	Insufficient Session Expiration vulnerability in Combodo Itop Combodo iTop is a web based IT Service Management tool. network combodo CWE-613	5.8
2021-01-13	CVE-2020-15219	Information Exposure Through an Error Message vulnerability in Combodo Itop Combodo iTop is a web based IT Service Management tool. network low complexity combodo CWE-209	4.0
2021-01-13	CVE-2020-15218	Insufficient Session Expiration vulnerability in Combodo Itop Combodo iTop is a web based IT Service Management tool. network combodo CWE-613	3.5
2021-01-12	CVE-2020-4079	Information Exposure vulnerability in Combodo Itop Combodo iTop is a web based IT Service Management tool. network low complexity combodo CWE-200	4.0
2020-08-10	CVE-2020-12781	Cross-Site Request Forgery (CSRF) vulnerability in Combodo Itop Combodo iTop contains a cross-site request forgery (CSRF) vulnerability, attackers can execute specific commands via malicious site request forgery. network low complexity combodo CWE-352	8.8
2020-08-10	CVE-2020-12780	Incorrect Authorization vulnerability in Combodo Itop A security misconfiguration exists in Combodo iTop, which can expose sensitive information. network low complexity combodo CWE-863	5.0
2020-08-10	CVE-2020-12779	Cross-site Scripting vulnerability in Combodo Itop 2.7.0 Combodo iTop contains a stored Cross-site Scripting vulnerability, which can be attacked by uploading file with malicious script. network combodo CWE-79	3.5
2020-08-10	CVE-2020-12778	Cross-site Scripting vulnerability in Combodo Itop Combodo iTop does not validate inputted parameters, attackers can inject malicious commands and launch XSS attack. network low complexity combodo CWE-79	6.1
2020-08-10	CVE-2020-12777	Information Exposure vulnerability in Combodo Itop A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information. network low complexity combodo CWE-200	7.5

Vulnerabilities > Combodo {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Combodo"}]}

Vulnerabilities > Combodo