Agentejo

Cockpit

30 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2025-7053

Exploit
  • EPSS 0.05%
  • Published 04.07.2025 02:02:05
  • Last modified 01.10.2025 13:56:03

A vulnerability was found in Cockpit up to 2.11.3. It has been rated as problematic. This issue affects some unknown processing of the file /system/users/save. The manipulation of the argument name/email leads to cross site scripting. The attack may ...

9.8

CVE-2024-4825

  • EPSS 0.1%
  • Published 14.05.2024 15:45:16
  • Last modified 27.06.2025 15:04:13

A vulnerability has been discovered in Agentejo Cockpit CMS v0.5.5 that consists in an arbitrary file upload in ‘/media/api’ parameter via post request. An attacker could upload files to the server, compromising the entire infrastructure.

5.4

CVE-2024-2001

  • EPSS 0.09%
  • Published 29.02.2024 14:15:45
  • Last modified 04.03.2025 12:25:10

A Cross-Site Scripting vulnerability in Cockpit CMS affecting version 2.7.0. This vulnerability could allow an authenticated user to upload an infected PDF file and store a malicious JavaScript payload to be executed when the file is uploaded.

6.1

CVE-2023-41564

  • EPSS 20.14%
  • Published 08.09.2023 23:15:11
  • Last modified 21.11.2024 08:21:18

An arbitrary file upload vulnerability in the Upload Asset function of Cockpit CMS v2.6.3 allows attackers to execute arbitrary code via uploading a crafted .shtml file.

6.1

CVE-2023-4451

Exploit
  • EPSS 60.61%
  • Published 20.08.2023 15:15:29
  • Last modified 21.11.2024 08:35:11

Cross-site Scripting (XSS) - Reflected in GitHub repository cockpit-hq/cockpit prior to 2.6.4.

5.4

CVE-2023-4433

Exploit
  • EPSS 0.2%
  • Published 19.08.2023 01:15:09
  • Last modified 21.11.2024 08:35:08

Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4.

6.1

CVE-2023-4432

Exploit
  • EPSS 0.29%
  • Published 19.08.2023 01:15:09
  • Last modified 21.11.2024 08:35:08

Cross-site Scripting (XSS) - Reflected in GitHub repository cockpit-hq/cockpit prior to 2.6.4.

4.8

CVE-2023-4422

Exploit
  • EPSS 0.13%
  • Published 18.08.2023 19:15:13
  • Last modified 21.11.2024 08:35:06

Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.3.

5.4

CVE-2023-4395

Exploit
  • EPSS 0.11%
  • Published 17.08.2023 04:15:10
  • Last modified 21.11.2024 08:35:03

Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4.

6.1

CVE-2023-4321

Exploit
  • EPSS 0.38%
  • Published 14.08.2023 11:15:09
  • Last modified 21.11.2024 08:34:51

Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.4.3.