Vulnerabilities > IT Novum > Openitcockpit > 4.6.4

DATE CVE VULNERABILITY TITLE RISK
2023-07-06 CVE-2023-3520 Unspecified vulnerability in It-Novum Openitcockpit
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository it-novum/openitcockpit prior to 4.6.6.
network
low complexity
it-novum
4.6
4.6
2023-06-25 CVE-2023-36663 SQL Injection vulnerability in It-Novum Openitcockpit 4.6.4
it-novum openITCOCKPIT (aka open IT COCKPIT) 4.6.4 before 4.6.5 allows SQL Injection (by authenticated users) via the sort parameter of the API interface.
network
low complexity
it-novum CWE-89
8.8
8.8
2023-06-13 CVE-2023-3218 Unspecified vulnerability in It-Novum Openitcockpit
Race Condition within a Thread in GitHub repository it-novum/openitcockpit prior to 4.6.5.
network
high complexity
it-novum
4.4
4.4