VYPR

Snare Central

by Snare Central

CVEs (2)

  • CVE-2019-11364HigAug 29, 2019
    risk 0.47cvss 7.2epss 0.02

    An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php FORMNAS_share parameter.

  • CVE-2019-11363HigAug 29, 2019
    risk 0.47cvss 7.2epss 0.01

    A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter.