Aggregates CVE and security vulnerability intelligence across all prophecyinternational-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Disclosed issues often relate to vendor risk sql injection and vendor risk csrf; exposure may include vendor impact data exposure in vendor surface production workloads and vendor surface software deployment contexts.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2011-5250 | Snare for Linux before 1.7.0 has CSRF in the web interface. | [email protected] | 6.5 | 0.66% | 2020-01-08 | 2026-06-16 |
| CVE-2011-5247 | Snare for Linux before 1.7.0 has password disclosure because the rendered page contains the field RemotePassword. | [email protected] | 7.5 | 1.08% | 2020-01-08 | 2026-06-16 |
| CVE-2019-11364 | An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php FORMNAS_share parameter. | [email protected] | 7.2 | 2.23% | 2019-08-29 | 2026-06-16 |
| CVE-2019-11363 | A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter. | [email protected] | 7.2 | 1.11% | 2019-08-29 | 2026-06-16 |