CVE-2020-19907 (caldera)
A command injection vulnerability in the sandcat plugin of Caldera 2.3.1 and earlier allows authenticated attackers to execute any command or service. Devamını Oku
Devamını oku
Day: Temmuz 12, 2021
CVE-2020-18544 (wms)
SQL Injection in WMS v1.0 allows remote attackers to execute arbitrary code via the "username" parameter in the component "chkuser.php". Devamını Oku
CVE-2020-19907
A command injection vulnerability in the sandcat plugin of Caldera 2.3.1 and earlier allows authenticated attackers to execute any command or service. Devamını Oku
CVE-2020-18544
SQL Injection in WMS v1.0 allows remote attackers to execute arbitrary code via the "username" parameter in the component "chkuser.php". Devamını Oku
CVE-2020-19038 (halo)
File Deletion vulnerability in Halo 0.4.3 via delBackup. Devamını Oku
CVE-2020-19037 (halo)
Incorrect Access Control vulnearbility in Halo 0.4.3, which allows a malicious user to bypass encrption to view encrpted articles via cookies. Devamını Oku
CVE-2020-23079 (halo)
SSRF vulnerability in Halo <=1.3.2 exists in the SMTP configuration, which can detect the server intranet. Devamını Oku
CVE-2020-18982 (halo)
Cross Sie Scripting (XSS) vulnerability in Halo 0.4.3 via CommentAuthorUrl. Devamını Oku
CVE-2020-23079
SSRF vulnerability in Halo <=1.3.2 exists in the SMTP configuration, which can detect the server intranet. Devamını Oku