Observium

Observium

23 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2020-25143

  • EPSS 0.26%
  • Veröffentlicht 25.09.2020 18:15:15
  • Zuletzt bearbeitet 21.11.2024 05:17:27

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to SQL Injection due to the fact that it is possible to inject malicious SQL statements in malformed parameter types. This can occur via /ajax/devi...

6.5

CVE-2020-25142

  • EPSS 0.12%
  • Veröffentlicht 25.09.2020 18:15:15
  • Zuletzt bearbeitet 21.11.2024 05:17:27

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable if any links and forms lack an unpredictable CSRF token. Without such a token, attackers can forge malicious requests, such as for adding Device Se...

6.1

CVE-2020-25140

  • EPSS 0.36%
  • Veröffentlicht 25.09.2020 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:17:26

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur in pages/...

6.1

CVE-2020-25139

Exploit
  • EPSS 0.24%
  • Veröffentlicht 25.09.2020 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:17:26

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via la_id...

6.1

CVE-2020-25138

Exploit
  • EPSS 0.24%
  • Veröffentlicht 25.09.2020 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:17:26

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via /aler...

6.1

CVE-2020-25137

Exploit
  • EPSS 0.24%
  • Veröffentlicht 25.09.2020 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:17:26

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via the a...

8.8

CVE-2020-25136

Exploit
  • EPSS 1.25%
  • Veröffentlicht 25.09.2020 15:16:00
  • Zuletzt bearbeitet 21.11.2024 05:17:25

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to directory traversal and local file inclusion due to the fact that there is an unrestricted possibility of loading any file with an inc.php exten...

6.1

CVE-2020-25135

Exploit
  • EPSS 0.24%
  • Veröffentlicht 25.09.2020 15:15:57
  • Zuletzt bearbeitet 21.11.2024 05:17:25

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via the g...

8.8

CVE-2020-25134

  • EPSS 3.52%
  • Veröffentlicht 25.09.2020 15:15:55
  • Zuletzt bearbeitet 21.11.2024 05:17:25

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to directory traversal and local file inclusion due to the fact that there is an unrestricted possibility of loading any file with an inc.php exten...

8.8

CVE-2020-25133

  • EPSS 1.01%
  • Veröffentlicht 25.09.2020 15:15:54
  • Zuletzt bearbeitet 21.11.2024 05:17:25

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to directory traversal and local file inclusion due to the fact that there is an unrestricted possibility of loading any file with an inc.php exten...