Sitracker Luki w zabezpieczeniach

Oś czasu

Rodzaj

Ticket Tracking Software18

Produkt

Sitracker Support Incident Tracker18

Przeciwdziałanie

Official Fix6
Temporary Fix0
Workaround0
Unavailable8
Not Defined4

Wykorzystywanie

High6
Functional0
Proof-of-Concept2
Unproven4
Not Defined6

Wektor dostępu

Not Defined0
Physical0
Local0
Adjacent0
Network18

Uwierzytelnianie

Not Defined0
High0
Low8
None10

Interakcja z użytkownikiem

Not Defined0
Required6
None12

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤40
≤510
≤60
≤74
≤84
≤90
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤42
≤58
≤62
≤76
≤80
≤90
≤100

VulDB

≤10
≤20
≤30
≤40
≤510
≤60
≤74
≤84
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Sprzedawca

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploit 0-day

<1k0
<2k6
<5k12
<10k0
<25k0
<50k0
<100k0
≥100k0

Wykorzystaj dzisiaj

<1k18
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Wykorzystaj wielkość rynku

🔴 CTI Zajęcia

Affected Products (1): Support Incident Tracker (18)

OpublikowanoBaseTempSłaby punktProdWykPrzEPSSCTICVE
2012-05-274.34.3Sitracker Support Incident Tracker Error Message index.php cross site scriptingTicket Tracking SoftwareNot DefinedNot Defined0.001170.00CVE-2012-2235
2012-01-295.35.0Sitracker Support Incident Tracker Installation translate.php information disclosureTicket Tracking SoftwareProof-of-ConceptNot Defined0.003050.00CVE-2011-5075
2012-01-296.36.0Sitracker Support Incident Tracker user_profile_edit.php cross site request forgeryTicket Tracking SoftwareNot DefinedOfficial Fix0.002040.00CVE-2011-5074
2012-01-294.33.9Sitracker Support Incident Tracker contact_support.php cross site scriptingTicket Tracking SoftwareProof-of-ConceptOfficial Fix0.004980.00CVE-2011-5073
2012-01-297.37.0Sitracker Support Incident Tracker sql injectionTicket Tracking SoftwareNot DefinedOfficial Fix0.001320.00CVE-2011-5072
2012-01-297.36.9Sitracker Support Incident Tracker translate.php privilege escalationTicket Tracking SoftwareProof-of-ConceptNot Defined0.025740.00CVE-2011-4337
2012-01-287.37.0Sitracker Support Incident Tracker Marketing report_marketing.php sql injectionTicket Tracking SoftwareNot DefinedOfficial Fix0.002480.00CVE-2011-5071
2012-01-284.34.3Sitracker Support Incident Tracker incident_attachments.php html_redirect cross site scriptingTicket Tracking SoftwareHighUnavailable0.003730.00CVE-2011-5070
2012-01-286.35.8Sitracker Support Incident Tracker File Upload incident_attachments.php memory corruptionTicket Tracking SoftwareUnprovenUnavailable0.009910.00CVE-2011-5069
2012-01-286.36.3Sitracker Support Incident Tracker user_delete.php cross site request forgeryTicket Tracking SoftwareHighUnavailable0.002250.00CVE-2011-5068

8 więcej wpisów nie jest pokazywanych

🔒 Login Required

You need to signup and login to see more of the remaining 8 results.

PoprzedniPrzeglądKolejny

Do you know our Splunk app?

Download it now for free!