CVSS: 9.8EPSS: 90%CPEs: 1EXPL: 3CVE-2020-35846 – Cockpit CMS 0.11.1 NoSQL Injection / Remote Command Execution
https://notcve.org/view.php?id=CVE-2020-35846
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function. Agentejo Cockpit versiones anteriores a 0.11.2, permite una inyección NoSQL por medio de la función check del archivo Controller/Auth.php. • https://github.com/JohnHammond/CVE-2020-35846 https://github.com/0z09e/CVE-2020-35846 http://packetstormsecurity.com/files/162282/Cockpit-CMS-0.11.1-NoSQL-Injection-Remote-Command-Execution.html https://getcockpit.com https://github.com/agentejo/cockpit/commit/2a385af8d80ed60d40d386ed813c1039db00c466 https://github.com/agentejo/cockpit/commit/33e7199575631ba1f74cba6b16b10c820bec59af https://github.com/agentejo/cockpit/commit/79fc9631ffa29146e3124ceaf99879b92e1ef24b • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 83%CPEs: 1EXPL: 2CVE-2020-35848 – Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection
https://notcve.org/view.php?id=CVE-2020-35848
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php newpassword function. Agentejo Cockpit versiones anteriores a 0.11.2, permite una inyección NoSQL por medio de la función newpassword del archivo Controller/Auth.php. • https://www.exploit-db.com/exploits/50185 http://packetstormsecurity.com/files/163762/Cockpit-CMS-0.11.1-NoSQL-Injection.html https://getcockpit.com https://github.com/agentejo/cockpit/commit/2a385af8d80ed60d40d386ed813c1039db00c466 https://github.com/agentejo/cockpit/commit/33e7199575631ba1f74cba6b16b10c820bec59af https://github.com/agentejo/cockpit/commit/79fc9631ffa29146e3124ceaf99879b92e1ef24b • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 81%CPEs: 1EXPL: 3CVE-2020-35847 – Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection
https://notcve.org/view.php?id=CVE-2020-35847
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function. Agentejo Cockpit versiones anteriores a 0.11.2, permite una inyección NoSQL por medio de la función resetpassword del archivo Controller/Auth.php. • https://www.exploit-db.com/exploits/50185 http://packetstormsecurity.com/files/162282/Cockpit-CMS-0.11.1-NoSQL-Injection-Remote-Command-Execution.html http://packetstormsecurity.com/files/163762/Cockpit-CMS-0.11.1-NoSQL-Injection.html https://getcockpit.com https://github.com/agentejo/cockpit/commit/2a385af8d80ed60d40d386ed813c1039db00c466 https://github.com/agentejo/cockpit/commit/33e7199575631ba1f74cba6b16b10c820bec59af https://github.com/agentejo/cockpit/commit/79fc9631ffa29146e3124ceaf99879b92e1ef24b • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2020-14408
https://notcve.org/view.php?id=CVE-2020-14408
An issue was discovered in Agentejo Cockpit 0.10.2. Insufficient sanitization of the to parameter in the /auth/login route allows for injection of arbitrary JavaScript code into a web page's content, creating a Reflected XSS attack vector. Se detectó un problema en Agentejo Cockpit versión 0.10.2. El saneamiento insuficiente del parámetro to en la ruta /auth/login permite una inyección de código arbitrario de JavaScript en el contenido de una página web, creando un vector de ataque de tipo XSS Reflejado • https://github.com/agentejo/cockpit/issues/1310 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-15539 – Cockpit CMS CSRF / XSS / Path Traversal
https://notcve.org/view.php?id=CVE-2018-15539
Agentejo Cockpit lacks an anti-CSRF protection mechanism. Thus, an attacker is able to change API tokens, passwords, etc. Agentejo Cockpit carece de un mecanismo de protección antiCSRF. Por lo tanto, un atacante puede cambiar los tokens API, contraseñas, etc. Cockpit CMS suffers from cross site request forgery, cross site scripting, and traversal vulnerabilities. • http://seclists.org/fulldisclosure/2018/Oct/30 • CWE-352: Cross-Site Request Forgery (CSRF) •