Filter

Versions

3.1.0
12
3.0.0
11
3.0.0-alpha
10
3.0.0-beta
9
3.0.0-beta2
9
3.0.0-beta3
6
3.0.0-beta4
6
3.0.0-beta5
6
3.0.0-beta1
5
2.6.0
4
3.0.0-beta6
4
3.0.0-beta7
4
3.0.0-beta8
4
3.0.0-rc
4
1.1.181
2
1.2.0-rc282
2
2.2.0
2
2.4.1
2
2.7.0
2
3.0.1
2
3.1.0-2-11973
2
0.7.1
1
0.7.2
1
0.8
1
0.8.1.3
1
0.9
1
0.9-beta
1
0.9.1
1
1.0
1
1.0-beta
1
1.0.1
1
1.0.2
1
1.0.2-beta
1
1.1
1
1.1-beta
1
1.2
1
1.2-beta
1
1.2.0
1
1.2.1
1
1.2.1-beta
1
2.0
1
2.0-beta
1
2.0-beta2
1
2.4.0
1
2.7.0-beta
1
2.7.3
1
2.7.5
1
2.7.5-1
1
2.7.6
1
3.0.3
1

iTopiTop limit pages/exec.php script to PHP files

critical
9.8
First published (updated )
CVE-2023-48710

iTopCombodo iTop's weak password reset token leads to account takeover

critical
9.8
First published (updated )
CVE-2022-39216

iTopAuthenticated users of Combodo iTop can take over any account

critical
9.6
First published (updated )
CVE-2022-39214

iTopXSS in csvimport in 3.0.0-beta versions

critical
9.3
First published (updated )
CVE-2021-41161

iTopCross-site Scripting in Combodo iTop

critical
9.3
First published (updated )
CVE-2021-41162

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

iTopiTop vulnerable to XSS vulnerability in dashlet refresh

high
8.8
First published (updated )
CVE-2023-47622

iTopiTop vulnerable to XSS vulnerability in authent-token

high
8.8
First published (updated )
CVE-2023-47626

iTopCross-site Scripting vulnerability on pages/ajax.searchform.php in Combodo iTop

high
8.8
First published (updated )
CVE-2023-34444

iTopCross-site Scripting vulnerability in the run_query.php page in Combodo iTop

high
8.8
First published (updated )
CVE-2023-34443

iTopCross-site Scripting vulnerability on pages/ajax.render.php in Combodo iTop

high
8.8
First published (updated )
CVE-2023-34445

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

iTopCross-site Scripting vulnerability in link CSV import in Combodo iTop

high
8.8
First published (updated )
CVE-2024-31448

iTopCSRF security issue on CSV import in Combodo iTop

high
8.8
First published (updated )
CVE-2024-31998

iTopSSRF through arbitrary PHP class instantiation in the user portal in Combodo iTop

high
8.8
First published (updated )
CVE-2024-51740

iTopCross-Site Request Forgery (CSRF) in several iTop pages

high
8.8
First published (updated )
CVE-2024-52002

iTopNo CSRF form token cleanup on Windows servers

high
8.8
First published (updated )
CVE-2021-32776

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

iTopCommand Injection vulnerability in the Setup Wizard

high
8.8
First published (updated )
CVE-2021-21406

iTopCombodo iTop - CSRF

high
8.8
First published (updated )
CVE-2020-12781

iTopCode Injection in Combodo iTop

high
8.8
First published (updated )
CVE-2022-24780

iTopiTop XSS vulnerability on pages/preferences.php

high
8.8
First published (updated )
CVE-2023-34446

iTopiTop XSS vulnerability on pages/UI.php

high
8.8
First published (updated )
CVE-2023-34447

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

iTopiTop vulnerable to XSS vulnerability in n:n relations "tagset" widget

high
8.7
First published (updated )
CVE-2023-47123

iTopUnauthorized setup leads to SSRF in Combodo/iTop

high
8.7
First published (updated )
CVE-2021-32663

iTopStored Cross-site Scripting in Combodo iTop

high
8.7
First published (updated )
CVE-2022-24870

iTopReflected Cross-site Scripting exploit in Combodo iTop

high
8.1
First published (updated )
CVE-2024-52000

iTopReflected XSS in Combodo/iTop

high
8.1
First published (updated )
CVE-2021-32664

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

iTopXSS

high
8.1
First published (updated )
CVE-2019-19821

iTopXSS, Race Condition

high
8.1
First published (updated )
CVE-2019-11215

iTopPossible Cross-Site Request Forgery in Combodo iTop

high
8.1
First published (updated )
CVE-2021-41245

iTopiTop vulnerable to potential formula injection in Excel/CSV export file

high
8
First published (updated )
CVE-2023-48709

iTopPortal : the CSRF token isn't validated

high
8
First published (updated )
CVE-2021-21407

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203