Devcode Openstamanager — known CVE vulnerabilities
Every CVE whose affected-product data names Devcode Openstamanager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (17)
CVE-2026-27012 — CVSS 9.8 (critical): OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a privilege escalation…
CVE-2026-28805 — CVSS 8.8 (high): OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to version 2.10.2, multiple AJAX select…
CVE-2025-69214 — CVSS 8.8 (high): OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, an SQL Injection…
CVE-2026-35470 — CVSS 8.8 (high): OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to 2.10.2, confronta_righe.php files…
CVE-2025-69215 — CVSS 8.8 (high): OpenSTAManager is an open source management software for technical assistance and invoicing. In version 2.9.8 and prior, there is a SQL…
CVE-2026-35168 — CVSS 8.8 (high): OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to version 2.10.2, the Aggiornamenti…
CVE-2025-69212 — CVSS 8.8 (high): OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a critical OS Command…
CVE-2025-69213 — CVSS 8.8 (high): OpenSTAManager is an open source management software for technical assistance and invoicing. In version 2.9.8 and prior, a SQL Injection…
CVE-2026-29782 — CVSS 7.2 (high): OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to version 2.10.2, the oauth2.php file…
CVE-2026-38751 — CVSS 7.2 (high): OpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulnerability in the module update functionality…
CVE-2026-24417 — CVSS 6.5 (medium): OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a…
CVE-2025-69216 — CVSS 6.5 (medium): OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, an authenticated SQL…
CVE-2026-24416 — CVSS 6.5 (medium): OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a…
CVE-2026-24418 — CVSS 6.5 (medium): OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a…
CVE-2026-24419 — CVSS 6.5 (medium): OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a…
CVE-2023-38878 — CVSS 6.1 (medium): A reflected cross-site scripting (XSS) vulnerability in DevCode OpenSTAManager versions 2.4.24 to 2.4.47 may allow a remote attacker to…
CVE-2026-24415 — CVSS 6.1 (medium): OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contains…