1. Home
  2. CVEs with refmap.fulldisc==20181011 Cockpit CMS Multiple Vulnerabilities (CVE-2018-15538, CVE-2018-15539, CVE-2018-15540)
Max CVSS 7.5 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-15539 6.8
Agentejo Cockpit lacks an anti-CSRF protection mechanism. Thus, an attacker is able to change API tokens, passwords, etc.
30-11-2018 - 16:52 15-10-2018 - 19:29
CVE-2018-15540 7.5
Agentejo Cockpit performs actions on files without appropriate validation and therefore allows an attacker to traverse the file system to unintended locations and/or access arbitrary files, aka /media/api Directory Traversal.
30-11-2018 - 16:51 15-10-2018 - 19:29
CVE-2018-15538 4.3
Agentejo Cockpit has multiple Cross-Site Scripting vulnerabilities.
30-11-2018 - 16:39 15-10-2018 - 19:29
Back to Top Mark selected
Back to Top