Prophecyinternational

prophecyinternational

4 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2011-5250 1Prophecyinternational 1Snare Nov 21, 2024 Jan 8, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Snare for Linux before 1.7.0 has CSRF in the web interface.
CVE-2011-5247 1Prophecyinternational 1Snare Nov 21, 2024 Jan 8, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Snare for Linux before 1.7.0 has password disclosure because the rendered page contains the field RemotePassword.
CVE-2019-11364 1Prophecyinternational 1Snare Central Nov 21, 2024 Aug 29, 2019 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php FORMNAS_share parameter.
CVE-2019-11363 1Prophecyinternational 1Snare Central Nov 21, 2024 Aug 29, 2019 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter.