Known Vulnerabilities for products from Opmantek
Listed below are 16 of the newest known vulnerabilities associated with the vendor "Opmantek".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-40612 | An issue was discovered in Opmantek Open-AudIT after 3.5.0. Without authentication, a vulnerability in code_igniter/applicati... | 9.8 - CRITICAL | 2021-12-22 | 2022-01-03 |
| CVE-2021-3333 | Opmantek Open-AudIT 4.0.1 is affected by cross-site scripting (XSS). When outputting SQL statements for debugging, a maliciou... | 6.1 - MEDIUM | 2021-02-05 | 2021-02-08 |
| CVE-2021-3130 | Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets, Windows passwords, and SNMP strin... | 5.9 - MEDIUM | 2021-01-20 | 2022-07-12 |
| CVE-2020-12261 | Open-AudIT 3.3.0 allows an XSS attack after login. | 5.4 - MEDIUM | 2020-04-28 | 2020-05-28 |
| CVE-2020-12078 | An issue was discovered in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configura... | 8.8 - HIGH | 2020-04-28 | 2021-07-21 |
| CVE-2020-11943 | An issue was discovered in Open-AudIT 3.2.2. There is Arbitrary file upload. | 8.8 - HIGH | 2020-04-29 | 2020-05-05 |
| CVE-2020-11942 | An issue was discovered in Open-AudIT 3.2.2. There are Multiple SQL Injections. | 9.8 - CRITICAL | 2020-04-29 | 2020-05-05 |
| CVE-2020-11941 | An issue was discovered in Open-AudIT 3.2.2. There is OS Command injection in Discovery. | 8.8 - HIGH | 2020-04-27 | 2020-05-05 |
| CVE-2020-8813 | graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cook... | 8.8 - HIGH | 2020-02-22 | 2023-11-07 |
| CVE-2019-16293 | The Create Discoveries feature of Open-AudIT before 3.2.0 allows an authenticated attacker to execute arbitrary OS commands v... | 8.8 - HIGH | 2019-09-13 | 2019-09-13 |
| CVE-2018-16607 | Cross-site scripting (XSS) vulnerability in the Orgs Page in Open-AudIT Professional edition in 2.2.7 allows remote attackers... | 5.4 - MEDIUM | 2018-09-19 | 2018-11-07 |
| CVE-2018-14493 | Cross-site scripting (XSS) vulnerability in the Groups Page in Open-Audit Community 2.2.6 allows remote attackers to inject a... | 6.1 - MEDIUM | 2018-07-25 | 2018-09-21 |
| CVE-2018-11124 | Cross-site scripting (XSS) vulnerability in Attributes functionality in Open-AudIT Community edition before 2.2.2 allows remo... | 5.4 - MEDIUM | 2018-07-06 | 2018-09-02 |
| CVE-2018-10314 | Cross-site scripting (XSS) vulnerability in Open-AudIT Community 2.2.0 allows remote attackers to inject arbitrary web script... | 5.4 - MEDIUM | 2018-05-10 | 2018-06-13 |
| CVE-2016-6534 | Opmantek NMIS before 4.3.7c has command injection via man, finger, ping, trace, and nslookup in the tools.pl CGI script. Vers... | 7.5 - HIGH | 2017-04-10 | 2017-04-14 |
| CVE-2016-5642 | Opmantek NMIS before 8.5.12G has XSS via SNMP. | 5.4 - MEDIUM | 2017-04-10 | 2017-04-14 |
Known software with vulnerabilities from Opmantek
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Opmantek | Open-audit | 1.0.3 |