Eric Espie

6 exploits, active since Mar 2023
CVE-2022-39214 CRITICAL WRITEUP
Combodo iTop < 2.7.8 - Authenticated Account Takeover via Username Knowledge
Combodo iTop is an open source, web-based IT service management platform. Prior to versions 2.7.8 and 3.0.2-1, a user who can log in on iTop is able to take over any account just by knowing the account's username. This issue is fixed in versions 2.7.8 and 3.0.2-1.
CVSS 9.6
CVE-2023-34447 HIGH WRITEUP
iTop < 3.0.4 - Cross-Site Scripting in UI.php
iTop is an open source, web-based IT service management platform. Prior to versions 3.0.4 and 3.1.0, cross-site scripting is possible on `pages/UI.php`. This issue is fixed in versions 3.0.4 and 3.1.0.
CVSS 8.8
CVE-2025-24022 HIGH WRITEUP
iTop < 2.7.12 - Remote Code Execution via Portal Frontend
iTop is a web-based IT service management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, server code execution is possible through the frontend of iTop's portal. This is fixed in versions 2.7.12, 3.1.3, and 3.2.1.
CVSS 8.5
CVE-2022-39214 CRITICAL WRITEUP
Combodo iTop < 2.7.8 - Authenticated Account Takeover via Username Knowledge
Combodo iTop is an open source, web-based IT service management platform. Prior to versions 2.7.8 and 3.0.2-1, a user who can log in on iTop is able to take over any account just by knowing the account's username. This issue is fixed in versions 2.7.8 and 3.0.2-1.
CVSS 9.6
CVE-2023-34446 HIGH WRITEUP
iTop - Cross-Site Scripting in Preferences Page
iTop is an open source, web-based IT service management platform. Prior to versions 3.0.4 and 3.1.0, cross-site scripting is possible when displaying `pages/preferences.php`. This issue is fixed in versions 3.0.4 and 3.1.0.
CVSS 8.8
CVE-2023-34447 HIGH WRITEUP
iTop < 3.0.4 - Cross-Site Scripting in UI.php
iTop is an open source, web-based IT service management platform. Prior to versions 3.0.4 and 3.1.0, cross-site scripting is possible on `pages/UI.php`. This issue is fixed in versions 3.0.4 and 3.1.0.
CVSS 8.8