Securityonion Squert vulnerabilities
3 known vulnerabilities affecting securityonion/squert.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3
Vulnerabilities
Page 1 of 1
CVE-2018-1000042P2CRITICALCVSS 9.8≥ 1.1.1, ≤ 1.6.72018-02-09
CVE-2018-1000042 [CRITICAL] CWE-78 CVE-2018-1000042: Security Onion Solutions Squert version 1.3.0 through 1.6.7 contains a CWE-78: Improper Neutralizati
Security Onion Solutions Squert version 1.3.0 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the
nvd
CVE-2018-1000043P2CRITICALCVSS 9.8≥ 1.1.1, ≤ 1.6.72018-02-09
CVE-2018-1000043 [CRITICAL] CWE-78 CVE-2018-1000043: Security Onion Solutions Squert version 1.0.1 through 1.6.7 contains a CWE-78: Improper Neutralizati
Security Onion Solutions Squert version 1.0.1 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the
nvd
CVE-2018-1000044P3CRITICALCVSS 9.8≥ 1.1.1, ≤ 1.6.72018-02-09
CVE-2018-1000044 [CRITICAL] CWE-89 CVE-2018-1000044: Security Onion Solutions Squert version 1.1.1 through 1.6.7 contains a SQL Injection vulnerability i
Security Onion Solutions Squert version 1.1.1 through 1.6.7 contains a SQL Injection vulnerability in .inc/callback.php that can result in execution of SQL commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the sensors parameter, used in ec(). This vulnerability appears to have been fixed in
nvd