VIR Vulnerability Intelligence Relay

Package impact

php Packagist / snipe/snipe-it

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-37709 critical 9.8 9.8 20d ago Snipe-IT has insecure permissions in file uploads php
CVE-2026-44832 high 8.8 8.8 20d ago Snipe-IT has Privilege Escalation via API Permissions Assignment php
CVE-2026-44833 high 7.1 7.1 19d ago Snipe-IT has an open redirect vulnerability php
CVE-2026-44831 medium 5.4 5.4 20d ago Snipe-IT has Stored XSS via Component Checkout Notes (v8.4.0) php
CVE-2025-15602 unknown 3mo ago Snipe-IT has sensitive user attributes related to account privileges that are insufficiently protected against mass assignment php
CVE-2025-65622 unknown 6mo ago Snipe-IT allows stored XSS via the Locations "Country" field php
CVE-2025-65621 unknown 6mo ago Snipe-IT is vulnerable to stored cross-site scripting php
CVE-2025-64027 unknown 6mo ago Snipe-IT has Cross-site Scripting vulnerability in CSV import workflow php
CVE-2025-59713 unknown 8mo ago Snipe-IT allows unsafe deserialization php
CVE-2025-59712 unknown 8mo ago Snipe-IT allows XSS php
CVE-2025-47226 unknown 1y ago Grokability Snipe-IT has incorrect authorization for accessing asset information php
CVE-2024-51093 unknown 2y ago Cross Site Scripting vulnerability in Snipe-IT php
CVE-2024-48987 unknown 2y ago Snipe-IT remote code execution php
CVE-2024-5685 unknown 2y ago Snipe-IT allows users to promote or demote themselves or other users php
CVE-2023-5511 unknown 3y ago Cross-Site Request Forgery (CSRF) in snipe/snipe-it php
CVE-2023-5452 unknown 3y ago Cross-site Scripting in snipe/snipe-it php
CVE-2022-44381 unknown 4y ago Snipe-IT allows attackers to check whether a user account exists php
CVE-2022-44380 unknown 4y ago Snipe-IT vulnerable to Cross Site Scripting for View Assigned Assets php
CVE-2022-3173 unknown 4y ago Snipe-IT vulnerable to Improper Authentication php
CVE-2022-3035 unknown 4y ago snipe-it vulnerable to cross-site scripting (XSS) php
CVE-2022-2997 unknown 4y ago Insufficient Session Expiration in snipe/snipe-it php
CVE-2022-32060 unknown 4y ago Snipe-IT 6.0.2 vulnerable to Cross-site Scripting via arbitrary file upload in Update Branding Settings php
CVE-2022-32061 unknown 4y ago Snipe-IT 6.0.2 vulnerable to Cross-site Scripting php
CVE-2019-10118 unknown 4y ago Snipe-IT XSS Vulnerability php
CVE-2022-23064 unknown 4y ago snipe-IT vulnerable to host header injection php
CVE-2022-1511 unknown 4y ago Improper Access Control in snipe/snipe-it php
CVE-2022-1445 unknown 4y ago Stored cross-site scripting in Snipe-IT php
CVE-2022-1380 unknown 4y ago Cross-site Scripting in snipe-it php
CVE-2022-1155 unknown 4y ago Old sessions not blocked by login enable function in Snipe-IT php
CVE-2022-0622 unknown 4y ago Generation of Error Message Containing Sensitive Information in Snipe-IT php
CVE-2022-0611 unknown 4y ago Improper Privilege Management in Snipe-IT php
CVE-2022-0569 unknown 4y ago Exposure of Sensitive Information in snipe/snipe-it php
CVE-2022-0579 unknown 4y ago Improper Privilege Management in Snipe-IT php
CVE-2022-0178 unknown 4y ago Improper Access Control in snipe-it php
CVE-2022-0179 unknown 4y ago Incorrect Default Permissions and Improper Access Control in snipe-it php
CVE-2021-4130 unknown 4y ago snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) php
CVE-2021-4089 unknown 5y ago snipe-it is vulnerable to Improper Access Control php
CVE-2021-4108 unknown 5y ago snipe-it is vulnerable to Cross-site Scripting php
CVE-2021-4075 unknown 5y ago Server-Side Request Forgery in snipe/snipe-it php
CVE-2021-4018 unknown 5y ago snipe-it is vulnerable to Cross-site Scripting php
CVE-2021-3961 unknown 5y ago Cross-site Scripting in snipe/snipe-it php
CVE-2021-3938 unknown 5y ago snipe-it is vulnerable to Cross-site Scripting php
CVE-2021-3931 unknown 5y ago snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) php
CVE-2021-3863 unknown 5y ago Cross-site Scripting in snipe-it php
CVE-2021-3858 unknown 5y ago Cross-Site Request Forgery in snipe-it php
CVE-2021-3879 unknown 5y ago Cross-site Scripting in snipe-it php