Vulnerabilities > Snipeitapp

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-11	CVE-2023-5511	Cross-Site Request Forgery (CSRF) vulnerability in Snipeitapp Snipe-It Cross-Site Request Forgery (CSRF) in GitHub repository snipe/snipe-it prior to v.6.2.3. network low complexity snipeitapp CWE-352	8.8
2023-10-06	CVE-2023-5452	Cross-site Scripting vulnerability in Snipeitapp Snipe-It Cross-site Scripting (XSS) - Stored in GitHub repository snipe/snipe-it prior to v6.2.2. network low complexity snipeitapp CWE-79	5.4
2022-07-07	CVE-2022-32060	Cross-site Scripting vulnerability in Snipeitapp Snipe-It 6.0.2 An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file. network low complexity snipeitapp CWE-79	4.8
2022-07-07	CVE-2022-32061	Cross-site Scripting vulnerability in Snipeitapp Snipe-It 6.0.2 An arbitrary file upload vulnerability in the Select User function under the People Menu component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file. network snipeitapp CWE-79	3.5
2022-05-02	CVE-2022-23064	Injection vulnerability in Snipeitapp Snipe-It In Snipe-IT, versions v3.0-alpha to v5.3.7 are vulnerable to Host Header Injection. network snipeitapp CWE-74	6.8
2022-04-28	CVE-2022-1511	Missing Authorization vulnerability in Snipeitapp Snipe-It Missing Authorization in GitHub repository snipe/snipe-it prior to 5.4.4. network low complexity snipeitapp CWE-862	6.5
2022-04-24	CVE-2022-1445	Cross-site Scripting vulnerability in Snipeitapp Snipe-It Stored Cross Site Scripting vulnerability in the checked_out_to parameter in GitHub repository snipe/snipe-it prior to 5.4.3. network snipeitapp CWE-79	3.5
2022-04-16	CVE-2022-1380	Cross-site Scripting vulnerability in Snipeitapp Snipe-It Stored Cross Site Scripting vulnerability in Item name parameter in GitHub repository snipe/snipe-it prior to v5.4.3. network snipeitapp CWE-79	3.5
2022-03-30	CVE-2022-1155	Unspecified vulnerability in Snipeitapp Snipe-It Old sessions are not blocked by the login enable function. network low complexity snipeitapp	6.5
2022-02-17	CVE-2022-0622	Information Exposure Through an Error Message vulnerability in Snipeitapp Snipe-It Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11. network low complexity snipeitapp CWE-209	5.0

Vulnerabilities > Snipeitapp {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Snipeitapp"}]}

Vulnerabilities > Snipeitapp