CVE-2023-46235
- EPSS 0.55%
- Published 31.10.2023 15:15:09
- Last modified 21.11.2024 08:28:08
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Prior to version 1.5.10.15, due to a lack of request sanitization in the logs, a malicious request containing XSS would be stored in a log file. When an administrator...
CVE-2023-46236
- EPSS 0.29%
- Published 31.10.2023 15:15:09
- Last modified 21.11.2024 08:28:08
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Prior to version 1.5.10, a server-side-request-forgery (SSRF) vulnerability allowed an unauthenticated user to trigger a GET request as the server to an arbitrary end...
CVE-2023-46237
- EPSS 0.42%
- Published 31.10.2023 15:15:09
- Last modified 21.11.2024 08:28:08
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Prior to version 1.5.10, an endpoint intended to offer limited enumeration abilities to authenticated users was accessible to unauthenticated users. This enabled unau...
CVE-2021-32243
- EPSS 0.83%
- Published 16.06.2021 21:15:08
- Last modified 21.11.2024 06:06:54
FOGProject v1.5.9 is affected by a File Upload RCE (Authenticated).