Munkireport Project Munkireport — known CVE vulnerabilities
Every CVE whose affected-product data names Munkireport Project Munkireport, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2020-10190 — CVSS 8.8 (high): An issue was discovered in MunkiReport before 5.3.0. An authenticated user could achieve SQL Injection in app/models/tablequery.php by…
CVE-2020-15884 — CVSS 8.8 (high): A SQL injection vulnerability in TableQuery.php in MunkiReport before 5.6.3 allows attackers to execute arbitrary SQL commands via the…
CVE-2020-15882 — CVSS 8.1 (high): A CSRF issue in manager/delete_machine/{id} in MunkiReport before 5.6.3 allows attackers to delete arbitrary machines from the MunkiReport…
CVE-2020-10192 — CVSS 6.1 (medium): An issue was discovered in Munkireport before 5.3.0.3923. An unauthenticated actor can send a custom XSS payload through the…
CVE-2020-10191 — CVSS 5.4 (medium): An issue was discovered in MunkiReport before 5.3.0. An authenticated actor can send a custom XSS payload through the /module/comment/save…