Vendor
Synaman
Products
2
CVEs
3
Across products
3
Status
Private
Products
2- 2 CVEs
- 1 CVE
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-8749 | Hig | 0.57 | 8.8 | 0.00 | Sep 12, 2024 | SQL injection vulnerability in idoit pro version 28. This vulnerability could allow an attacker to send a specially crafted query to the ID parameter in /var/www/html/src/classes/modules/api/model/cmdb/isys_api_model_cmdb_objects_by_relation.class.php and retrieve all the… | ||
| CVE-2022-26250 | Hig | 0.51 | 7.8 | 0.00 | Apr 6, 2022 | Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated attackers to escalate privileges. | ||
| CVE-2022-26251 | Hig | 0.47 | 7.2 | 0.02 | Apr 6, 2022 | The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate privileges. |
- risk 0.57cvss 8.8epss 0.00
SQL injection vulnerability in idoit pro version 28. This vulnerability could allow an attacker to send a specially crafted query to the ID parameter in /var/www/html/src/classes/modules/api/model/cmdb/isys_api_model_cmdb_objects_by_relation.class.php and retrieve all the…
- risk 0.51cvss 7.8epss 0.00
Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated attackers to escalate privileges.
- risk 0.47cvss 7.2epss 0.02
The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate privileges.