Vulnerabilities > Munkireport Project

DATE CVE VULNERABILITY TITLE RISK
2020-07-23 CVE-2020-15885 Cross-site Scripting vulnerability in Munkireport Project Comment
A Cross-Site Scripting (XSS) vulnerability in the comment module before 4.0 for MunkiReport allows remote attackers to inject arbitrary web script or HTML by posting a new comment.
network
low complexity
munkireport-project CWE-79
5.4
2020-07-23 CVE-2020-15884 SQL Injection vulnerability in Munkireport Project Munkireport
A SQL injection vulnerability in TableQuery.php in MunkiReport before 5.6.3 allows attackers to execute arbitrary SQL commands via the order[0][dir] field on POST requests to /datatables/data.
network
low complexity
munkireport-project CWE-89
8.8
2020-07-23 CVE-2020-15882 Cross-Site Request Forgery (CSRF) vulnerability in Munkireport Project Munkireport
A CSRF issue in manager/delete_machine/{id} in MunkiReport before 5.6.3 allows attackers to delete arbitrary machines from the MunkiReport database.
network
low complexity
munkireport-project CWE-352
8.1
2020-03-09 CVE-2020-10192 Cross-site Scripting vulnerability in Munkireport Project Munkireport
An issue was discovered in Munkireport before 5.3.0.3923.
network
low complexity
munkireport-project CWE-79
6.1
2020-03-09 CVE-2020-10191 Cross-site Scripting vulnerability in Munkireport Project Munkireport
An issue was discovered in MunkiReport before 5.3.0.
network
low complexity
munkireport-project CWE-79
5.4
2020-03-09 CVE-2020-10190 SQL Injection vulnerability in Munkireport Project Munkireport
An issue was discovered in MunkiReport before 5.3.0.
network
low complexity
munkireport-project CWE-89
8.8