VYPR

Snipe It

by Snipeitapp

Source repositories

CVEs (46)

  • CVE-2022-3173Sep 17, 2022
    risk 0.00cvss epss 0.01

    Improper Authentication in GitHub repository snipe/snipe-it prior to 6.0.10.

  • CVE-2022-3035Aug 29, 2022
    risk 0.00cvss epss 0.01

    Cross-site Scripting (XSS) - Stored in GitHub repository snipe/snipe-it prior to v6.0.11.

  • CVE-2022-2997Aug 25, 2022
    risk 0.00cvss epss 0.01

    Session Fixation in GitHub repository snipe/snipe-it prior to 6.0.10.

  • CVE-2022-23064May 2, 2022
    risk 0.00cvss epss 0.01

    In Snipe-IT, versions v3.0-alpha to v5.3.7 are vulnerable to Host Header Injection. By sending a specially crafted host header in the reset password request, it is possible to send password reset links to users which once clicked lead to an attacker controlled server and thus…

  • CVE-2022-1511Apr 28, 2022
    risk 0.00cvss epss 0.01

    Missing Authorization in GitHub repository snipe/snipe-it prior to 5.4.4.

  • CVE-2022-1445Apr 24, 2022
    risk 0.00cvss epss 0.01

    Stored Cross Site Scripting vulnerability in the checked_out_to parameter in GitHub repository snipe/snipe-it prior to 5.4.3. The vulnerability is capable of stolen the user Cookie.

  • CVE-2022-1380Apr 16, 2022
    risk 0.00cvss epss 0.01

    Stored Cross Site Scripting vulnerability in Item name parameter in GitHub repository snipe/snipe-it prior to v5.4.3. The vulnerability is capable of stolen the user Cookie.

  • CVE-2022-1155Mar 30, 2022
    risk 0.00cvss epss 0.01

    Old sessions are not blocked by the login enable function. in GitHub repository snipe/snipe-it prior to 5.3.10.

  • CVE-2022-0622Feb 17, 2022
    risk 0.00cvss epss 0.01

    Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11.

  • CVE-2022-0611Feb 15, 2022
    risk 0.00cvss epss 0.01

    Missing Authorization in Packagist snipe/snipe-it prior to 5.3.11.

  • CVE-2022-0579Feb 14, 2022
    risk 0.00cvss epss 0.01

    Missing Authorization in Packagist snipe/snipe-it prior to 5.3.9.

  • CVE-2022-0569Feb 12, 2022
    risk 0.00cvss epss 0.01

    Observable Discrepancy in Packagist snipe/snipe-it prior to v5.3.9.

  • CVE-2022-0178Jan 13, 2022
    risk 0.00cvss epss 0.01

    Missing Authorization vulnerability in snipe snipe/snipe-it.This issue affects snipe/snipe-i before 5.3.8.

  • CVE-2022-0179Jan 12, 2022
    risk 0.00cvss epss 0.01

    snipe-it is vulnerable to Missing Authorization

  • CVE-2021-4130Dec 18, 2021
    risk 0.00cvss epss 0.00

    snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)

  • CVE-2021-4108Dec 14, 2021
    risk 0.00cvss epss 0.01

    snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

  • CVE-2021-4089Dec 10, 2021
    risk 0.00cvss epss 0.01

    snipe-it is vulnerable to Improper Access Control

  • CVE-2021-4075Dec 6, 2021
    risk 0.00cvss epss 0.01

    snipe-it is vulnerable to Server-Side Request Forgery (SSRF)

  • CVE-2021-4018Dec 1, 2021
    risk 0.00cvss epss 0.01

    snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

  • CVE-2021-3961Nov 19, 2021
    risk 0.00cvss epss 0.01

    snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')