CVE-2020-35847
N/A
N/A
Summary
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://getcockpit.com/
- https://github.com/agentejo/cockpit/commit/79fc9631ffa29146e3124ceaf99879b92e1ef24b
- https://github.com/agentejo/cockpit/commit/33e7199575631ba1f74cba6b16b10c820bec59af
- https://github.com/agentejo/cockpit/commit/2a385af8d80ed60d40d386ed813c1039db00c466
- http://packetstormsecurity.com/files/162282/Cockpit-CMS-0.11.1-NoSQL-Injection-Remote-Command-Execution.html
- http://packetstormsecurity.com/files/163762/Cockpit-CMS-0.11.1-NoSQL-Injection.html
References
- https://getcockpit.com/
- https://github.com/agentejo/cockpit/commit/79fc9631ffa29146e3124ceaf99879b92e1ef24b
- https://github.com/agentejo/cockpit/commit/33e7199575631ba1f74cba6b16b10c820bec59af
- https://github.com/agentejo/cockpit/commit/2a385af8d80ed60d40d386ed813c1039db00c466
- http://packetstormsecurity.com/files/162282/Cockpit-CMS-0.11.1-NoSQL-Injection-Remote-Command-Execution.html
- http://packetstormsecurity.com/files/163762/Cockpit-CMS-0.11.1-NoSQL-Injection.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.