Product
plextrac
11 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-12687
CVE-2024-11839
CVE-2024-11838
CVE-2024-11837
CVE-2024-11836
CVE-2024-11835
CVE-2024-11834
CVE-2024-11833
CVE-2022-37146
CVE-2022-37145
CVE-2022-37144
>= 1.61.3 and < 2.8.1
Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks modules) which allows Object Injection and arbitrary file wr
>= 1.61.3 and < 2.8.1
Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks modules) which allows Object Injection and arbitrary file wr
>= 1.61.3 and < 2.8.1
External Control of File Name or Path vulnerability in PlexTrac allows Local Code Inclusion through use of an undocumented API end
>= 1.61.3 and < 2.8.1
Improper Neutralization of Special Elements used in an N1QL Command ('N1QL Injection') vulnerability in PlexTrac allows N1QL Inj
>= 1.61.3 and < 2.8.1
Server-Side Request Forgery (SSRF) vulnerability in PlexTrac allowing requests to internal system resources.This issue affects Ple
>= 1.61.3 and < 2.8.1
Uncontrolled Resource Consumption vulnerability in PlexTrac allows WebSocket DoS.This issue affects PlexTrac: from 1.61.3 before 2
>= 1.61.3 and < 2.8.1
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in PlexTrac allows arbitrary file wri
>= 1.61.3 and < 2.8.1
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in PlexTrac allows arbitrary file wri
< 1.28.0
The PlexTrac platform prior to version 1.28.0 allows for username enumeration via HTTP response times on invalid login attempts fo
< 1.17.0
The PlexTrac platform prior to version 1.17.0 does not restrict excessive authentication attempts for accounts configured to use t
< 1.17.0
The PlexTrac platform prior to API version 1.17.0 does not restrict excessive MFA TOTP submission attempts. An unauthenticated rem