CVE-2020-19907
A command injection vulnerability in the sandcat plugin of Caldera 2.3.1 and earlier allows authenticated attackers to execute any command or service. Devamını Oku
Devamını oku
CVE-2020-18544 (wms)
SQL Injection in WMS v1.0 allows remote attackers to execute arbitrary code via the "username" parameter in the component "chkuser.php". Devamını Oku
CVE-2020-19907 (caldera)
A command injection vulnerability in the sandcat plugin of Caldera 2.3.1 and earlier allows authenticated attackers to execute any command or service. Devamını Oku
CVE-2020-18982
Cross Sie Scripting (XSS) vulnerability in Halo 0.4.3 via CommentAuthorUrl. Devamını Oku
CVE-2020-19037
Incorrect Access Control vulnearbility in Halo 0.4.3, which allows a malicious user to bypass encrption to view encrpted articles via cookies. Devamını Oku
CVE-2020-23079
SSRF vulnerability in Halo <=1.3.2 exists in the SMTP configuration, which can detect the server intranet. Devamını Oku
CVE-2020-18982 (halo)
Cross Sie Scripting (XSS) vulnerability in Halo 0.4.3 via CommentAuthorUrl. Devamını Oku
CVE-2020-23079 (halo)
SSRF vulnerability in Halo <=1.3.2 exists in the SMTP configuration, which can detect the server intranet. Devamını Oku
CVE-2020-19037 (halo)
Incorrect Access Control vulnearbility in Halo 0.4.3, which allows a malicious user to bypass encrption to view encrpted articles via cookies. Devamını Oku
CVE-2020-19038 (halo)
File Deletion vulnerability in Halo 0.4.3 via delBackup. Devamını Oku
CVE-2020-19201
Netgate pfSense 2.4.4 – p2 is affected by: Cross Site Scripting (XSS). The impact is: Authenticated Stored XSS in NAT Configuration (local). The component is: Description Text box, Status/Reload Filter Page. The attack vector is: An attacker get access to the victim's session by performing the CSRF and gather the cookie and session ids or…