Known Vulnerabilities
CVE-2020-12781
Combodo iTop contains a cross-site request forgery (CSRF) vulnerability, attackers can execute specific commands via malicious site request forgery.
MEDIUM
CVSS 5.7
Published Aug 10, 2020
CVE-2020-12780
A security misconfiguration exists in Combodo iTop, which can expose sensitive information.
HIGH
CVSS 7.5
Published Aug 10, 2020
CVE-2020-12779
Combodo iTop contains a stored Cross-site Scripting vulnerability, which can be attacked by uploading file with malicious script.
MEDIUM
CVSS 6.8
Published Aug 10, 2020
CVE-2020-12778
Combodo iTop does not validate inputted parameters, attackers can inject malicious commands and launch XSS attack.
HIGH
CVSS 7.4
Published Aug 10, 2020
CVE-2020-12777
A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information.
HIGH
CVSS 7.5
Published Aug 10, 2020