| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-51993 | Password is stored in clear in the database in Combodo iTop | Combodo | iTop | - | - | 2024-11-07 17:59:19 | Deep Dive |
| CVE-2024-51994 | Cross-site Scripting in portal picture upload in Combodo iTop | Combodo | iTop | - | - | 2024-11-07 17:57:55 | Deep Dive |
| CVE-2024-51995 | Logic bug in ajax.render.php allows for bypass of 'backOffice' access control in Combodo iTop | Combodo | iTop | - | - | 2024-11-07 17:55:16 | Deep Dive |
| CVE-2024-51740 | SSRF through arbitrary PHP class instantiation in the user portal in Combodo iTop | Combodo | iTop | Medium | 4.3 | 2024-11-05 18:13:05 | Deep Dive |
| CVE-2024-51739 | Users enumeration allowed through Rest API in Combodo iTop | Combodo | iTop | High | 7.5 | 2024-11-05 18:11:37 | Deep Dive |
| CVE-2024-32870 | iTop hub connector Information disclosure | Combodo | iTop | Medium | 5.8 | 2024-11-04 23:36:46 | Deep Dive |
| CVE-2024-31998 | CSRF security issue on CSV import in Combodo iTop | Combodo | iTop | High | 8.8 | 2024-11-04 23:35:23 | Deep Dive |
| CVE-2024-31448 | Cross-site Scripting vulnerability in link CSV import in Combodo iTop | Combodo | iTop | High | 8.8 | 2024-11-04 23:34:19 | Deep Dive |
| CVE-2023-34445 | Cross-site Scripting vulnerability on pages/ajax.render.php in Combodo iTop | Combodo | iTop | High | 8.8 | 2024-11-04 23:31:51 | Deep Dive |
| CVE-2023-34444 | Cross-site Scripting vulnerability on pages/ajax.searchform.php in Combodo iTop | Combodo | iTop | High | 8.8 | 2024-11-04 23:30:22 | Deep Dive |
| CVE-2023-34443 | Cross-site Scripting vulnerability in the run_query.php page in Combodo iTop | Combodo | iTop | High | 8.8 | 2024-11-04 23:29:01 | Deep Dive |
| CVE-2023-48710 | iTop limit pages/exec.php script to PHP files | Combodo | iTop | Critical | 9.8 | 2024-04-15 17:47:51 | Deep Dive |
| CVE-2023-48709 | iTop vulnerable to potential formula injection in Excel/CSV export file | Combodo | iTop | High | 8.0 | 2024-04-15 17:43:06 | Deep Dive |
| CVE-2023-47626 | iTop vulnerable to XSS vulnerability in authent-token | Combodo | iTop | High | 8.8 | 2024-04-15 17:36:08 | Deep Dive |
| CVE-2023-47622 | iTop vulnerable to XSS vulnerability in dashlet refresh | Combodo | iTop | High | 8.8 | 2024-04-15 17:34:01 | Deep Dive |
| CVE-2023-47123 | iTop vulnerable to XSS vulnerability in n:n relations "tagset" widget | Combodo | iTop | High | 8.7 | 2024-04-15 17:31:21 | Deep Dive |
| CVE-2023-45808 | iTop missing silo check on extkey in console and portal | Combodo | iTop | Medium | 4.1 | 2024-04-15 17:28:41 | Deep Dive |
| CVE-2023-44396 | iTop vulnerable to XSS in dashlet modifications ajax endpoints | Combodo | iTop | Medium | 6.8 | 2024-04-15 17:13:45 | Deep Dive |
| CVE-2023-43790 | iTop vulnerable to XSS in friendlyname in object details | Combodo | iTop | Medium | 5.7 | 2024-04-15 17:10:39 | Deep Dive |
| CVE-2023-38511 | iTop Dashboard editor vulnerable dashboard config file parameter | Combodo | iTop | Medium | 5.0 | 2024-04-15 17:06:36 | Deep Dive |