Skip to main content

Munkireport

5 CVEs product

Monthly

CVE-2020-15884 HIGH This Week

A SQL injection vulnerability in TableQuery.php in MunkiReport before 5.6.3 allows attackers to execute arbitrary SQL commands via the order[0][dir] field on POST requests to /datatables/data. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Munkireport
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2020-15882 HIGH This Week

{id} in MunkiReport before 5.6.3 allows attackers to delete arbitrary machines from the MunkiReport database. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Munkireport
NVD GitHub
CVSS 3.1
8.1
EPSS
0.6%
CVE-2020-10192 MEDIUM POC This Month

An issue was discovered in Munkireport before 5.3.0.3923. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Munkireport
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-10191 MEDIUM POC This Month

An issue was discovered in MunkiReport before 5.3.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Munkireport
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-10190 HIGH POC This Week

An issue was discovered in MunkiReport before 5.3.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Munkireport
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
EPSS 1% CVSS 8.8
HIGH This Week

A SQL injection vulnerability in TableQuery.php in MunkiReport before 5.6.3 allows attackers to execute arbitrary SQL commands via the order[0][dir] field on POST requests to /datatables/data. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Munkireport
NVD GitHub
EPSS 1% CVSS 8.1
HIGH This Week

{id} in MunkiReport before 5.6.3 allows attackers to delete arbitrary machines from the MunkiReport database. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Munkireport
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

An issue was discovered in Munkireport before 5.3.0.3923. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Munkireport
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

An issue was discovered in MunkiReport before 5.3.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Munkireport
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

An issue was discovered in MunkiReport before 5.3.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Munkireport
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy