Opmantek: >> Open-Audit >> 4.2.0 Security Vulnerabilities
An information exposure issue has been discovered in Opmantek Open-AudIT 4.2.0. The vulnerability allows an authenticated attacker to read file outside of the restricted directory.
CVSS Score
6.5
EPSS Score
0.004
Published
2022-01-03
An issue was discovered in Opmantek Open-AudIT after 3.5.0. Without authentication, a vulnerability in code_igniter/application/controllers/util.php allows an attacker perform command execution without echoes.
CVSS Score
9.8
EPSS Score
0.01
Published
2021-12-22
Opmantek Open-AudIT Community 4.2.0 (Fixed in 4.3.0) is affected by a Cross Site Scripting (XSS) vulnerability. If a bad value is passed to the routine via a URL, malicious JavaScript code can be executed in the victim's browser.
CVSS Score
6.1
EPSS Score
0.045
Published
2021-12-20