CRITICAL9.8CVE-2024-47533cobbler allows anyone to connect to cobbler XML-RPC server with known password and make changes >= 3.3.0, < 3.3.7
from 0, < 3.0.0
CRITICAL9.8CVE-2018-10931Cobbler has Exposed Dangerous Method or Function >= 2.6.0, < 3.0.0
CRITICAL9.8Cobbler Improper Validation of Security Tokens
from 0, < 3.0.0
CRITICAL9.8Cobbler before 3.3.0 allows log poisoning
from 0, < d8f60bbf14a838c8c8a1dba98086b223e35fe70a | from 0, < 3.3.0
CRITICAL9.8Cobbler before 3.3.0 allows log poisoning
from 0, < 3.3.0
HIGH8.8Cobbler Web Interface Lacks CSRF Protection
from 0, < 2.6.0
HIGH8.2Improper Authorization in cobbler
from 0, < 9044aa990a94752fa5bd5a24051adde099280bfa | from 0, < 3.3.2
HIGH8.2Improper Authorization in cobbler
from 0, < 3.3.2
HIGH7.8Command Injection in Cobbler
from 0, < 3.3.1
HIGH7.8Command Injection in Cobbler
from 0, < 3.3.1
HIGH7.5Cobbler before 3.3.0 allows authorization bypass for modification of settings.
from 0, < 3.3.0
HIGH7.5Cobbler before 3.3.0 allows authorization bypass for modification of settings.
from 0, < d8f60bbf14a838c8c8a1dba98086b223e35fe70a | from 0, < 3.3.0
HIGH7.5Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data.
from 0, < 3.3.0
HIGH7.5Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data.
from 0, < d8f60bbf14a838c8c8a1dba98086b223e35fe70a | from 0, < 3.3.0
HIGH7.1Incorrect Default Permissions in Cobbler
from 0, < 3.3.1
HIGH7.1Incorrect Default Permissions in Cobbler
from 0, < 3.3.1
MEDIUM6.1Cobbler XSS Vulnerability
from 0, <= 2.6.11
MEDIUM6.1Cobbler Arbitrary File Read
from 0, <= 2.6.11-1
—Cobbler is vulnerable to code injection
from 0, < 2.0.7
—Cobbler subject to Command Injection
from 0, < 2.6.0
—Cobbler vulnerable to code injection via unsafe YAML loading
from 0, < 2.6.0
—Cobbler Web Interface Kickstart Template Remote Privilege Escalation Vulnerability
from 0, < 1.2.9
—Cobbler Path Traversal vulnerability
>= 2.6.0, < 2.6.4