Vulnerabilities > Zmanda > Amanda > 3.3.9

DATE CVE VULNERABILITY TITLE RISK
2023-07-26 CVE-2023-30577 Argument Injection or Modification vulnerability in Zmanda Amanda
AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705.
local
low complexity
zmanda CWE-88
7.8
7.8
2019-12-01 CVE-2019-19469 Cross-Site Request Forgery (CSRF) vulnerability in Zmanda Amanda 3.3.9
In Zmanda Management Console 3.3.9, ZMC_Admin_Advanced?form=adminTasks&action=Apply&command= allows CSRF, as demonstrated by command injection with shell metacharacters.
network
zmanda CWE-352
6.8
6.8