Vulnerabilities (CVE)

Filtered by vendor Prophecyinternational Subscribe
Filtered by product Snare Central
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-11364 1 Prophecyinternational 1 Snare Central 2024-11-21 9.0 HIGH 7.2 HIGH
An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php FORMNAS_share parameter.
CVE-2019-11363 1 Prophecyinternational 1 Snare Central 2024-11-21 6.5 MEDIUM 7.2 HIGH
A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter.