Vulnerabilities > Combodo > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-09 | CVE-2023-47489 | Unspecified vulnerability in Combodo Itop 3.1.0211973 CSV injection in export as csv in Combodo iTop v.3.1.0-2-11973 allows a local attacker to execute arbitrary code via a crafted script to the export-v2.php and ajax.render.php components. | 7.8 |
| 2023-03-14 | CVE-2022-39214 | Incorrect Authorization vulnerability in Combodo Itop Combodo iTop is an open source, web-based IT service management platform. | 7.5 |
| 2022-04-05 | CVE-2022-24780 | Code Injection vulnerability in Combodo Itop Combodo iTop is a web based IT Service Management tool. | 8.8 |
| 2020-08-10 | CVE-2020-12781 | Cross-Site Request Forgery (CSRF) vulnerability in Combodo Itop Combodo iTop contains a cross-site request forgery (CSRF) vulnerability, attackers can execute specific commands via malicious site request forgery. | 8.8 |
| 2020-08-10 | CVE-2020-12777 | Information Exposure vulnerability in Combodo Itop A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information. | 7.5 |