Vulnerabilities > IT Novum > High

DATE CVE VULNERABILITY TITLE RISK
2023-06-25 CVE-2023-36663 SQL Injection vulnerability in It-Novum Openitcockpit 4.6.4
it-novum openITCOCKPIT (aka open IT COCKPIT) 4.6.4 before 4.6.5 allows SQL Injection (by authenticated users) via the sort parameter of the API interface.
network
low complexity
it-novum CWE-89
8.8
8.8
2019-08-23 CVE-2019-15494 Server-Side Request Forgery (SSRF) vulnerability in It-Novum Openitcockpit
openITCOCKPIT before 3.7.1 allows SSRF, aka RVID 5-445b21.
network
low complexity
it-novum CWE-918
7.5
7.5
2019-08-23 CVE-2019-15490 Code Injection vulnerability in It-Novum Openitcockpit
openITCOCKPIT before 3.7.1 allows code injection, aka RVID 1-445b21.
network
low complexity
it-novum CWE-94
7.5
7.5