Vulnerabilities > Snipeitapp

DATE CVE VULNERABILITY TITLE RISK
2022-05-02 CVE-2022-23064 Injection vulnerability in Snipeitapp Snipe-It
In Snipe-IT, versions v3.0-alpha to v5.3.7 are vulnerable to Host Header Injection.
network
snipeitapp CWE-74
6.8
2022-04-28 CVE-2022-1511 Incorrect Authorization vulnerability in Snipeitapp Snipe-It
Improper Access Control in GitHub repository snipe/snipe-it prior to 5.4.4.
network
low complexity
snipeitapp CWE-863
4.0
2022-04-24 CVE-2022-1445 Cross-site Scripting vulnerability in Snipeitapp Snipe-It
Stored Cross Site Scripting vulnerability in the checked_out_to parameter in GitHub repository snipe/snipe-it prior to 5.4.3.
network
snipeitapp CWE-79
3.5
2022-04-16 CVE-2022-1380 Cross-site Scripting vulnerability in Snipeitapp Snipe-It
Stored Cross Site Scripting vulnerability in Item name parameter in GitHub repository snipe/snipe-it prior to v5.4.3.
network
snipeitapp CWE-79
3.5
2022-03-30 CVE-2022-1155 Unspecified vulnerability in Snipeitapp Snipe-It
Old sessions are not blocked by the login enable function.
network
low complexity
snipeitapp
6.5
2022-02-17 CVE-2022-0622 Information Exposure Through an Error Message vulnerability in Snipeitapp Snipe-It
Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11.
network
low complexity
snipeitapp CWE-209
5.0
2022-02-16 CVE-2022-0611 Improper Privilege Management vulnerability in Snipeitapp Snipe-It
Improper Privilege Management in Packagist snipe/snipe-it prior to 5.3.11.
network
low complexity
snipeitapp CWE-269
6.5
2022-02-14 CVE-2022-0579 Improper Privilege Management vulnerability in Snipeitapp Snipe-It
Improper Privilege Management in Packagist snipe/snipe-it prior to 5.3.9.
network
low complexity
snipeitapp CWE-269
4.0
2022-02-14 CVE-2022-0569 Information Exposure vulnerability in Snipeitapp Snipe-It
Exposure of Sensitive Information to an Unauthorized Actor in Packagist snipe/snipe-it prior to v5.3.9.
4.3
2022-01-13 CVE-2022-0178 Improper Access Control vulnerability in Snipeitapp Snipe-It
snipe-it is vulnerable to Improper Access Control
network
low complexity
snipeitapp CWE-284
5.5