Skip to main content

Snare Central

2 CVEs product

Monthly

CVE-2019-11364 HIGH This Week

An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Command Injection Snare Central
NVD
CVSS 3.0
7.2
EPSS
2.2%
CVE-2019-11363 HIGH This Week

A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Snare Central
NVD
CVSS 3.0
7.2
EPSS
1.1%
EPSS 2% CVSS 7.2
HIGH This Week

An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Command Injection Snare Central
NVD
EPSS 1% CVSS 7.2
HIGH This Week

A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Snare Central
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy