Vulnerabilities > Opmantek > Open Audit > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-03 | CVE-2021-44674 | Path Traversal vulnerability in Opmantek Open-Audit 4.2.0 An information exposure issue has been discovered in Opmantek Open-AudIT 4.2.0. | 4.0 |
| 2021-12-20 | CVE-2021-44916 | Cross-site Scripting vulnerability in Opmantek Open-Audit Opmantek Open-AudIT Community 4.2.0 (Fixed in 4.3.0) is affected by a Cross Site Scripting (XSS) vulnerability. | 4.3 |
| 2021-02-05 | CVE-2021-3333 | Cross-site Scripting vulnerability in Opmantek Open-Audit 4.0.1 Opmantek Open-AudIT 4.0.1 is affected by cross-site scripting (XSS). | 4.3 |
| 2021-01-20 | CVE-2021-3130 | Unspecified vulnerability in Opmantek Open-Audit Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets, Windows passwords, and SNMP strings from users using HTML 'password field' obfuscation. network opmantek | 4.3 |
| 2020-04-29 | CVE-2020-11943 | Unrestricted Upload of File with Dangerous Type vulnerability in Opmantek Open-Audit 3.2.2 An issue was discovered in Open-AudIT 3.2.2. | 6.5 |
| 2020-04-27 | CVE-2020-11941 | OS Command Injection vulnerability in Opmantek Open-Audit 3.2.2 An issue was discovered in Open-AudIT 3.2.2. | 6.5 |
| 2019-09-13 | CVE-2019-16293 | OS Command Injection vulnerability in Opmantek Open-Audit The Create Discoveries feature of Open-AudIT before 3.2.0 allows an authenticated attacker to execute arbitrary OS commands via a crafted value for a URL field. | 6.5 |
| 2018-07-25 | CVE-2018-14493 | Cross-site Scripting vulnerability in Opmantek Open-Audit 2.2.6 Cross-site scripting (XSS) vulnerability in the Groups Page in Open-Audit Community 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the group name. | 4.3 |