Filtered by vendor Prophecyinternational
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-5250 | 1 Prophecyinternational | 1 Snare | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Snare for Linux before 1.7.0 has CSRF in the web interface. | |||||
| CVE-2011-5247 | 1 Prophecyinternational | 1 Snare | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| Snare for Linux before 1.7.0 has password disclosure because the rendered page contains the field RemotePassword. | |||||
| CVE-2019-11363 | 1 Prophecyinternational | 1 Snare Central | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
| A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter. | |||||
| CVE-2019-11364 | 1 Prophecyinternational | 1 Snare Central | 2024-02-28 | 9.0 HIGH | 7.2 HIGH |
| An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php FORMNAS_share parameter. | |||||