Sentinel
by Trioniclabs
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-19879 | Hig | 0.49 | 7.5 | 0.01 | Feb 14, 2020 | HashiCorp Sentinel up to 0.10.1 incorrectly parsed negation in certain policy expressions. Fixed in 0.10.2. | ||
| CVE-2011-5226 | 0.00 | — | 0.01 | Oct 25, 2012 | Cross-site request forgery (CSRF) vulnerability in wordpress_sentinel.php in the Sentinel plugin 1.0.0 for WordPress allows remote attackers to hijack the authentication of an administrator for requests that trigger snapshots. | |||
| CVE-2011-5225 | 0.00 | — | 0.02 | Oct 25, 2012 | Cross-site scripting (XSS) vulnerability in wordpress_sentinel.php in the Sentinel plugin 1.0.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||
| CVE-2011-5224 | 0.00 | — | 0.03 | Oct 25, 2012 | SQL injection vulnerability in the Sentinel plugin 1.0.0 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
- risk 0.49cvss 7.5epss 0.01
HashiCorp Sentinel up to 0.10.1 incorrectly parsed negation in certain policy expressions. Fixed in 0.10.2.
- CVE-2011-5226Oct 25, 2012risk 0.00cvss —epss 0.01
Cross-site request forgery (CSRF) vulnerability in wordpress_sentinel.php in the Sentinel plugin 1.0.0 for WordPress allows remote attackers to hijack the authentication of an administrator for requests that trigger snapshots.
- CVE-2011-5225Oct 25, 2012risk 0.00cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in wordpress_sentinel.php in the Sentinel plugin 1.0.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
- CVE-2011-5224Oct 25, 2012risk 0.00cvss —epss 0.03
SQL injection vulnerability in the Sentinel plugin 1.0.0 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.