Vulnerabilidades em Combodo
66 resultadosCVE-2022-39214CRITICALAuthenticated users of Combodo iTop can take over any accountEPSS 25.6%CVE-2022-24780HIGHCode Injection in Combodo iTopEPSS 5.3%CVE-2021-32663HIGHUnauthorized setup leads to SSRF in Combodo/iTopEPSS 1.4%CVE-2020-12777HIGHCombodo iTop - Broken Access ControlEPSS 1.3%CVE-2024-51739HIGHUsers enumeration allowed through Rest API in Combodo iTopEPSS 1.3%CVE-2020-12780HIGHCombodo iTop - Security MisconfigurationEPSS 1.2%CVE-2021-21406MEDIUMCommand Injection vulnerability in the Setup WizardEPSS 1.0%CVE-2023-48709HIGHiTop vulnerable to potential formula injection in Excel/CSV export fileEPSS 1.0%CVE-2022-39216HIGHCombodo iTop's weak password reset token leads to account takeoverEPSS 0.9%CVE-2022-24870HIGHStored Cross-site Scripting in Combodo iTopEPSS 0.9%CVE-2020-4079HIGHInformation disclosure vulnerability in iTopEPSS 0.9%CVE-2021-32664HIGHReflected XSS in Combodo/iTopEPSS 0.8%CVE-2020-12778HIGHCombodo iTop - Reflected XSSEPSS 0.8%CVE-2021-32775HIGHAny user can see any fields (including mailbox password) with GroupBy DashletEPSS 0.8%CVE-2020-15218MEDIUMAdmin pages are cached and can be embeddedEPSS 0.8%CVE-2022-24811MEDIUMCross-site Scripting in Combodo iTopEPSS 0.7%CVE-2024-32870MEDIUMiTop hub connector Information disclosureEPSS 0.7%CVE-2023-48710CRITICALiTop limit pages/exec.php script to PHP filesEPSS 0.7%CVE-2020-15220MEDIUMSession fixationEPSS 0.7%CVE-2021-41245MEDIUMPossible Cross-Site Request Forgery in Combodo iTopEPSS 0.7%