snipe

24 exploits Active since Oct 2021
CVE-2026-48507 WRITEUP HIGH WRITEUP
Snipe-IT: Bulk editing users allowed `ldap_import` and `activated_in` bulk editing users
Snipe-IT is an IT asset/license management system. A vulnerability in versions prior to 8.6.0 allows a non-admin user holding only the granular `users.edit` permission to lock every admin out of the instance by editing the `activated` flag (which determines whether or not a user can log in) and the `ldap_import` flag (which determines whether or not the user can request a password reset). Version 8.6.0 contains a patch.
CVSS 7.1
CVE-2026-44831 WRITEUP MEDIUM WRITEUP
Snipe-IT: XSS vulnerability in component notes
Snipe-IT is an IT asset/license management system. Prior to 8.4.1, users with component view access could be impacted by an unescaped notes column, resulting in cross-site scripting (XSS). This vulnerability is fixed in 8.4.1.
CVSS 4.8
CVE-2026-44832 WRITEUP HIGH WRITEUP
Snipe-IT: Privilege Escalation via API Permissions Assignment
Snipe-IT is an IT asset/license management system. Prior to 8.4.1, an authenticated user with only the users.edit permission can escalate their own privileges to admin by sending a PATCH request to /api/v1/users/{id} with permissions[admin]=1. The API controller only strips the superuser key from the permissions array, allowing admin and all other permission keys to be set by any user who can update users. This vulnerability is fixed in 8.4.1.
CVSS 8.8
CVE-2026-44833 WRITEUP MEDIUM WRITEUP
Snipe-IT: Open redirect vulnerability
Snipe-IT is an IT asset/license management system. Prior to 8.4.1, an open redirect vulnerability in Snipe-IT allows attackers to redirect users to malicious sites via an unvalidated HTTP Referer header stored in a session variable. This vulnerability is fixed in 8.4.1.
CVSS 5.9
CVE-2026-37709 WRITEUP CRITICAL WRITEUP
snipe-it < 8.4.1 - Remote Code Execution via UploadedFilesController
Insecure Permissions vulnerability in grokability snipe-it v8.4.0 and earlier (fixed in commit 676a9958 of 2026-03-10) allows a remote attacker to execute arbitrary code via the app/Http/Controllers/Api/UploadedFilesController.php component.
CVSS 9.8
CVE-2025-63743 WRITEUP MEDIUM WRITEUP
Snipe-IT 8.3.0-8.3.1 - Authenticated Stored Cross-Site Scripting via Name and Surname Fields
Cross-Site Scripting vulnerability in the Snipe-IT web-based asset management system v8.3.0 up to and including v8.3.1 allows an authenticated attacker with the lowest privileges (sufficient only to log in) to inject arbitrary JavaScript code via the "Name" and "Surname" fields. The JavaScript code is executed whenever the "Activity Report" or the modified profile is viewed directly by any user with sufficient permissions. Successful exploitation of this issue requires that the profile's "Display Name" is not set. The vulnerability is fixed in v8.3.2.
CVSS 5.4
CVE-2021-3858 WRITEUP HIGH WRITEUP
snipe-it < 5.3.0 - Cross-Site Request Forgery
snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)
CVSS 8.8
CVE-2021-3863 WRITEUP MEDIUM WRITEUP
snipe-it < 5.3.0 - Stored Cross-Site Scripting
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS 6.1
CVE-2021-3879 WRITEUP MEDIUM WRITEUP
snipe-it < 5.3.0 - Stored Cross-Site Scripting
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS 5.4
CVE-2021-3931 WRITEUP MEDIUM WRITEUP
snipe-it < 5.3.1 - Cross-Site Request Forgery
snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)
CVSS 4.3
CVE-2021-3961 WRITEUP MEDIUM WRITEUP
snipe-it < 5.3.2 - Stored Cross-Site Scripting
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS 5.4
CVE-2021-4108 WRITEUP MEDIUM WRITEUP
snipe-it < 5.3.5 - Stored Cross-Site Scripting
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS 6.1
CVE-2021-4130 WRITEUP HIGH WRITEUP
snipe-it < 5.3.6 - Cross-Site Request Forgery
snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)
CVSS 8.8
CVE-2022-0569 WRITEUP MEDIUM WRITEUP
Packagist snipe/snipe-it <5.3.9 - Info Disclosure
Observable Discrepancy in Packagist snipe/snipe-it prior to v5.3.9.
CVSS 5.3
CVE-2022-0579 WRITEUP MEDIUM WRITEUP
Packagist snipe/snipe-it <5.3.9 - Info Disclosure
Missing Authorization in Packagist snipe/snipe-it prior to 5.3.9.
CVSS 6.5
CVE-2022-0611 WRITEUP MEDIUM WRITEUP
Packagist snipe/snipe-it <5.3.11 - Info Disclosure
Missing Authorization in Packagist snipe/snipe-it prior to 5.3.11.
CVSS 6.3
CVE-2022-0622 WRITEUP MEDIUM WRITEUP
Packagist snipe/snipe-it <5.3.11 - Info Disclosure
Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11.
CVSS 5.3
CVE-2022-1155 WRITEUP HIGH WRITEUP
GitHub snipe-it <5.3.10 - Info Disclosure
Old sessions are not blocked by the login enable function in GitHub repository snipe/snipe-it prior to 5.3.10.
CVSS 7.4
CVE-2022-2997 WRITEUP HIGH WRITEUP
GitHub snipe/snipe-it <6.0.10 - Info Disclosure
Session Fixation in GitHub repository snipe/snipe-it prior to 6.0.10.
CVSS 8.0
CVE-2022-3035 WRITEUP MEDIUM WRITEUP
GitHub repository snipe/snipe-it <6.0.11 - XSS
Cross-site Scripting (XSS) - Stored in GitHub repository snipe/snipe-it prior to v6.0.11.
CVSS 4.8
CVE-2022-3173 WRITEUP MEDIUM WRITEUP
Snipe-IT < 6.0.10 - Improper Authentication
Improper Authentication in GitHub repository snipe/snipe-it prior to 6.0.10.
CVSS 4.3
CVE-2023-5452 WRITEUP MEDIUM WRITEUP
snipe-it < 6.2.2 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository snipe/snipe-it prior to v6.2.2.
CVSS 5.4
CVE-2023-5511 WRITEUP HIGH WRITEUP
Snipe-IT < 6.2.3 - Cross-Site Request Forgery
Cross-Site Request Forgery (CSRF) in GitHub repository snipe/snipe-it prior to v6.2.3.
CVSS 8.8
CVE-2024-5685 WRITEUP HIGH WRITEUP
snipe-it <6.4.1 - Privilege Escalation
Users with "User:edit" and "Self:api" permissions can promote or demote themselves or other users by changing group memberships via an API call. This issue affects snipe-it from v4.6.17 through v6.4.1.
CVSS 7.6