Filter

Versions

3.1.0
12
3.0.0
11
3.0.0-alpha
10
3.0.0-beta
9
3.0.0-beta2
9
3.0.0-beta3
6
3.0.0-beta4
6
3.0.0-beta5
6
3.0.0-beta1
5
2.6.0
4
3.0.0-beta6
4
3.0.0-beta7
4
3.0.0-beta8
4
3.0.0-rc
4
1.1.181
2
1.2.0-rc282
2
2.2.0
2
2.4.1
2
2.7.0
2
3.0.1
2
3.1.0-2-11973
2
0.7.1
1
0.7.2
1
0.8
1
0.8.1.3
1
0.9
1
0.9-beta
1
0.9.1
1
1.0
1
1.0-beta
1
1.0.1
1
1.0.2
1
1.0.2-beta
1
1.1
1
1.1-beta
1
1.2
1
1.2-beta
1
1.2.0
1
1.2.1
1
1.2.1-beta
1
2.0
1
2.0-beta
1
2.0-beta2
1
2.4.0
1
2.7.0-beta
1
2.7.3
1
2.7.5
1
2.7.5-1
1
2.7.6
1
3.0.3
1

iTopiTop limit pages/exec.php script to PHP files

critical
9.8
First published (updated )
CVE-2023-48710

iTopiTop vulnerable to potential formula injection in Excel/CSV export file

high
8
First published (updated )
CVE-2023-48709

iTopiTop vulnerable to XSS vulnerability in authent-token

high
8.8
First published (updated )
CVE-2023-47626

iTopiTop vulnerable to XSS vulnerability in dashlet refresh

high
8.8
First published (updated )
CVE-2023-47622

iTopiTop vulnerable to XSS vulnerability in n:n relations "tagset" widget

high
8.7
First published (updated )
CVE-2023-47123

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

iTopiTop missing silo check on extkey in console and portal

medium
5.4
First published (updated )
CVE-2023-45808

iTopiTop vulnerable to XSS in dashlet modifications ajax endpoints

medium
6.8
First published (updated )
CVE-2023-44396

iTopiTop vulnerable to XSS in friendlyname in object details

medium
5.7
First published (updated )
CVE-2023-43790

iTopiTop Dashboard editor vulnerable dashboard config file parameter

medium
5
First published (updated )
CVE-2023-38511

iTopReflected Cross-site Scripting exploit in Combodo iTop

high
8.1
First published (updated )
CVE-2024-52000

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

iTopPortal user is able to access forbidden services information in Combodo iTop

medium
4.3
First published (updated )
CVE-2024-52001

iTopCross-Site Request Forgery (CSRF) in several iTop pages

high
8.8
First published (updated )
CVE-2024-52002

iTopCombodo iTop vulnerable to XSS leading to CSRF breach on _table_id parameter

high
7.9
First published (updated )
CVE-2024-54139

iTopXSS

medium
6.1
First published (updated )
CVE-2023-47488

iTopCSV injection in export as csv in Combodo iTop v.3.1.0-2-11973 allows a local attacker to execute ar…

high
7.8
First published (updated )
CVE-2023-47489

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

iTopiTop hub connector Information disclosure

medium
5.8
First published (updated )
CVE-2024-32870

iTopSSRF through arbitrary PHP class instantiation in the user portal in Combodo iTop

high
8.8
First published (updated )
CVE-2024-51740

iTopLogic bug in ajax.render.php allows for bypass of 'backOffice' access control in Combodo iTop

high
7.1
First published (updated )
CVE-2024-51995

iTopCross-site Scripting in portal picture upload in Combodo iTop

high
7.1
First published (updated )
CVE-2024-51994

iTopPassword is stored in clear in the database in Combodo iTop

low
3.4
First published (updated )
CVE-2024-51993

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

iTopUsers enumeration allowed through Rest API in Combodo iTop

high
7.5
First published (updated )
CVE-2024-51739

iTopCSRF security issue on CSV import in Combodo iTop

high
8.8
First published (updated )
CVE-2024-31998

iTopCross-site Scripting vulnerability in link CSV import in Combodo iTop

high
8.8
First published (updated )
CVE-2024-31448

iTopCross-site Scripting vulnerability on pages/ajax.render.php in Combodo iTop

high
8.8
First published (updated )
CVE-2023-34445

iTopCross-site Scripting vulnerability on pages/ajax.searchform.php in Combodo iTop

high
8.8
First published (updated )
CVE-2023-34444

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

iTopCross-site Scripting vulnerability in the run_query.php page in Combodo iTop

high
8.8
First published (updated )
CVE-2023-34443

iTopCombodo iTop - Broken Access Control

high
7.5
First published (updated )
CVE-2020-12777

iTopCombodo iTop - Reflected XSS

high
7.4
First published (updated )
CVE-2020-12778

iTopCombodo iTop - CSRF

high
8.8
First published (updated )
CVE-2020-12781

iTopCombodo iTop - Stored XSS

medium
6.8
First published (updated )
CVE-2020-12779

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203