Vulnerabilities > Opmantek > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-03 | CVE-2021-44674 | Path Traversal vulnerability in Opmantek Open-Audit 4.2.0 An information exposure issue has been discovered in Opmantek Open-AudIT 4.2.0. | 6.5 |
| 2021-12-20 | CVE-2021-44916 | Cross-site Scripting vulnerability in Opmantek Open-Audit Opmantek Open-AudIT Community 4.2.0 (Fixed in 4.3.0) is affected by a Cross Site Scripting (XSS) vulnerability. | 6.1 |
| 2021-02-05 | CVE-2021-3333 | Cross-site Scripting vulnerability in Opmantek Open-Audit 4.0.1 Opmantek Open-AudIT 4.0.1 is affected by cross-site scripting (XSS). | 6.1 |
| 2021-01-20 | CVE-2021-3130 | Unspecified vulnerability in Opmantek Open-Audit Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets, Windows passwords, and SNMP strings from users using HTML 'password field' obfuscation. | 5.9 |
| 2020-04-28 | CVE-2020-12261 | Cross-site Scripting vulnerability in Opmantek Open-Audit 3.3.0 Open-AudIT 3.3.0 allows an XSS attack after login. | 5.4 |
| 2018-09-19 | CVE-2018-16607 | Cross-site Scripting vulnerability in Opmantek Open-Audit 2.2.7 Cross-site scripting (XSS) vulnerability in the Orgs Page in Open-AudIT Professional edition in 2.2.7 allows remote attackers to inject arbitrary web script via the Orgs name field. | 5.4 |
| 2018-07-25 | CVE-2018-14493 | Cross-site Scripting vulnerability in Opmantek Open-Audit 2.2.6 Cross-site scripting (XSS) vulnerability in the Groups Page in Open-Audit Community 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the group name. | 6.1 |
| 2018-07-06 | CVE-2018-11124 | Cross-site Scripting vulnerability in Opmantek Open-Audit Cross-site scripting (XSS) vulnerability in Attributes functionality in Open-AudIT Community edition before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted attribute name of an Attribute. | 5.4 |
| 2018-05-10 | CVE-2018-10314 | Cross-site Scripting vulnerability in Opmantek Open-Audit 2.2.0 Cross-site scripting (XSS) vulnerability in Open-AudIT Community 2.2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the action parameter in the Discover -> Audit Scripts -> List Scripts -> Download section. | 5.4 |
| 2017-04-10 | CVE-2016-5642 | Cross-site Scripting vulnerability in Opmantek Network Management Information System 4.3.6F/8.5.10G Opmantek NMIS before 8.5.12G has XSS via SNMP. | 5.4 |