Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
snipe snipe/snipe-it

Version unspecified

OTHER 26 CVEs

Known Vulnerabilities

CVE-2023-5511

Cross-Site Request Forgery (CSRF) in GitHub repository snipe/snipe-it prior to v.6.2.3.

MEDIUM CVSS 6.3 Published Oct 11, 2023

CVE-2023-5452

Cross-site Scripting (XSS) - Stored in GitHub repository snipe/snipe-it prior to v6.2.2.

MEDIUM CVSS 5.5 Published Oct 06, 2023

CVE-2022-3173

Improper Authentication in GitHub repository snipe/snipe-it prior to 6.0.10.

MEDIUM CVSS 4.3 Published Sep 17, 2022

CVE-2022-3035

Cross-site Scripting (XSS) - Stored in GitHub repository snipe/snipe-it prior to v6.0.11.

MEDIUM CVSS 5.9 Published Aug 29, 2022

CVE-2022-2997

Session Fixation in GitHub repository snipe/snipe-it prior to 6.0.10.

MEDIUM CVSS 4.6 Published Aug 25, 2022

CVE-2022-1511

Missing Authorization in GitHub repository snipe/snipe-it prior to 5.4.4.

MEDIUM CVSS 6.5 Published Apr 28, 2022

CVE-2022-1445

Stored Cross Site Scripting vulnerability in the checked_out_to parameter in GitHub repository snipe/snipe-it prior to 5.4.3. The vulnerability is capable of stolen the user Cookie.

CRITICAL CVSS 9.0 Published Apr 24, 2022

CVE-2022-1380

Stored Cross Site Scripting vulnerability in Item name parameter in GitHub repository snipe/snipe-it prior to v5.4.3. The vulnerability is capable of stolen the user Cookie.

CRITICAL CVSS 9.1 Published Apr 16, 2022

CVE-2022-1155

Old sessions are not blocked by the login enable function. in GitHub repository snipe/snipe-it prior to 5.3.10.

HIGH CVSS 7.4 Published Mar 30, 2022

CVE-2022-0622

Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11.

MEDIUM CVSS 5.3 Published Feb 17, 2022

CVE-2022-0611

Missing Authorization in Packagist snipe/snipe-it prior to 5.3.11.

MEDIUM CVSS 6.3 Published Feb 15, 2022

CVE-2022-0579

Missing Authorization in Packagist snipe/snipe-it prior to 5.3.9.

MEDIUM CVSS 6.5 Published Feb 14, 2022

CVE-2022-0569

Observable Discrepancy in Packagist snipe/snipe-it prior to v5.3.9.

MEDIUM CVSS 5.3 Published Feb 12, 2022

CVE-2022-0178

Missing Authorization vulnerability in snipe snipe/snipe-it.This issue affects snipe/snipe-i before 5.3.8.

MEDIUM CVSS 6.3 Published Jan 13, 2022

CVE-2022-0179

snipe-it is vulnerable to Missing Authorization

MEDIUM CVSS 6.3 Published Jan 12, 2022

CVE-2021-4130

snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)

MEDIUM CVSS 4.3 Published Dec 18, 2021

CVE-2021-4108

snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

MEDIUM CVSS 6.4 Published Dec 14, 2021

CVE-2021-4089

snipe-it is vulnerable to Improper Access Control

MEDIUM CVSS 4.3 Published Dec 10, 2021

CVE-2021-4075

snipe-it is vulnerable to Server-Side Request Forgery (SSRF)

LOW CVSS 2.7 Published Dec 06, 2021

CVE-2021-4018

snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

MEDIUM CVSS 6.3 Published Dec 01, 2021

CVE-2021-3961

snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

HIGH CVSS 8.0 Published Nov 19, 2021

CVE-2021-3931

snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)

MEDIUM CVSS 4.3 Published Nov 13, 2021

CVE-2021-3938

snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

LOW CVSS 3.9 Published Nov 13, 2021

CVE-2021-3879

snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

MEDIUM CVSS 6.8 Published Oct 19, 2021

CVE-2021-3863

snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

MEDIUM CVSS 5.5 Published Oct 19, 2021

CVE-2021-3858

snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)

MEDIUM CVSS 4.3 Published Oct 19, 2021