Vulnerabilities > Snipeitapp

DATE CVE VULNERABILITY TITLE RISK
2022-05-02 CVE-2022-23064 Injection vulnerability in Snipeitapp Snipe-It
In Snipe-IT, versions v3.0-alpha to v5.3.7 are vulnerable to Host Header Injection.
network
low complexity
snipeitapp CWE-74
8.8
2022-04-28 CVE-2022-1511 Missing Authorization vulnerability in Snipeitapp Snipe-It
Missing Authorization in GitHub repository snipe/snipe-it prior to 5.4.4.
network
low complexity
snipeitapp CWE-862
6.5
2022-04-24 CVE-2022-1445 Cross-site Scripting vulnerability in Snipeitapp Snipe-It
Stored Cross Site Scripting vulnerability in the checked_out_to parameter in GitHub repository snipe/snipe-it prior to 5.4.3.
network
low complexity
snipeitapp CWE-79
5.4
2022-04-16 CVE-2022-1380 Cross-site Scripting vulnerability in Snipeitapp Snipe-It
Stored Cross Site Scripting vulnerability in Item name parameter in GitHub repository snipe/snipe-it prior to v5.4.3.
network
low complexity
snipeitapp CWE-79
5.4
2022-03-30 CVE-2022-1155 Unspecified vulnerability in Snipeitapp Snipe-It
Old sessions are not blocked by the login enable function.
network
low complexity
snipeitapp
7.4
2022-02-17 CVE-2022-0622 Information Exposure Through an Error Message vulnerability in Snipeitapp Snipe-It
Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11.
network
low complexity
snipeitapp CWE-209
5.3
2022-02-16 CVE-2022-0611 Missing Authorization vulnerability in Snipeitapp Snipe-It
Missing Authorization in Packagist snipe/snipe-it prior to 5.3.11.
network
low complexity
snipeitapp CWE-862
8.8
2022-02-14 CVE-2022-0579 Missing Authorization vulnerability in Snipeitapp Snipe-It
Missing Authorization in Packagist snipe/snipe-it prior to 5.3.9.
network
low complexity
snipeitapp CWE-862
6.5
2022-02-14 CVE-2022-0569 Information Exposure Through Discrepancy vulnerability in Snipeitapp Snipe-It
Observable Discrepancy in Packagist snipe/snipe-it prior to v5.3.9.
network
low complexity
snipeitapp CWE-203
4.3
2022-01-13 CVE-2022-0178 Missing Authorization vulnerability in Snipeitapp Snipe-It
Missing Authorization vulnerability in snipe snipe/snipe-it.This issue affects snipe/snipe-i before 5.3.8.
network
low complexity
snipeitapp CWE-862
5.4