Vulnerabilities > Munkireport Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-23 | CVE-2020-15885 | Cross-site Scripting vulnerability in Munkireport Project Comment A Cross-Site Scripting (XSS) vulnerability in the comment module before 4.0 for MunkiReport allows remote attackers to inject arbitrary web script or HTML by posting a new comment. | 5.4 |
2020-07-23 | CVE-2020-15884 | SQL Injection vulnerability in Munkireport Project Munkireport A SQL injection vulnerability in TableQuery.php in MunkiReport before 5.6.3 allows attackers to execute arbitrary SQL commands via the order[0][dir] field on POST requests to /datatables/data. | 8.8 |
2020-07-23 | CVE-2020-15882 | Cross-Site Request Forgery (CSRF) vulnerability in Munkireport Project Munkireport A CSRF issue in manager/delete_machine/{id} in MunkiReport before 5.6.3 allows attackers to delete arbitrary machines from the MunkiReport database. | 8.1 |
2020-03-09 | CVE-2020-10192 | Cross-site Scripting vulnerability in Munkireport Project Munkireport An issue was discovered in Munkireport before 5.3.0.3923. | 6.1 |
2020-03-09 | CVE-2020-10191 | Cross-site Scripting vulnerability in Munkireport Project Munkireport An issue was discovered in MunkiReport before 5.3.0. | 5.4 |
2020-03-09 | CVE-2020-10190 | SQL Injection vulnerability in Munkireport Project Munkireport An issue was discovered in MunkiReport before 5.3.0. | 8.8 |