Vulnerabilities > Prophecyinternational

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-08	CVE-2011-5250	Cross-Site Request Forgery (CSRF) vulnerability in Prophecyinternational Snare Snare for Linux before 1.7.0 has CSRF in the web interface. network prophecyinternational CWE-352	4.3
2020-01-08	CVE-2011-5247	Cleartext Storage of Sensitive Information vulnerability in Prophecyinternational Snare Snare for Linux before 1.7.0 has password disclosure because the rendered page contains the field RemotePassword. network low complexity prophecyinternational CWE-312	5.0
2019-08-29	CVE-2019-11364	OS Command Injection vulnerability in Prophecyinternational Snare Central An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php FORMNAS_share parameter. network low complexity prophecyinternational CWE-78 critical	9.0
2019-08-29	CVE-2019-11363	SQL Injection vulnerability in Prophecyinternational Snare Central A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter. network low complexity prophecyinternational CWE-89	6.5

Vulnerabilities > Prophecyinternational {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Prophecyinternational"}]}