Vulnerabilities > I Doit

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-15	CVE-2018-20159	Improper Input Validation vulnerability in I-Doit 1.11.2 i-doit open 1.11.2 allows Remote Code Execution because ZIP archives are mishandled. network low complexity i-doit CWE-20	6.5
2014-02-27	CVE-2014-2231	Cross-Site Scripting vulnerability in I-Doit Cross-site scripting (XSS) vulnerability in the API in synetics i-doit pro before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via a property title. network i-doit CWE-79	4.3
2014-02-27	CVE-2014-1597	SQL Injection vulnerability in I-Doit SQL injection vulnerability in the CMDB web application in synetics i-doit pro before 1.2.5 and i-doit open allows remote attackers to execute arbitrary SQL commands via the objID parameter to the default URI. network low complexity i-doit CWE-89	7.5
2014-02-11	CVE-2014-1237	Cross-Site Scripting vulnerability in I-Doit Cross-site scripting (XSS) vulnerability in synetics i-doit pro before 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the call parameter. network i-doit CWE-79	4.3
2014-02-11	CVE-2013-1413	Cross-Site Scripting vulnerability in I-Doit 0.9.9/1.0/1.0.2 Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit open 0.9.9-7, i-doit pro 1.0 and earlier, and i-doit pro 1.0.2 when the 'sanitize user input' flag is not enabled, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. network i-doit CWE-79	4.3

Vulnerabilities > I Doit {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"I Doit"}]}