11 matches found
CVE-2020-25787
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. It does not validate all URLs before requesting them...
Tiny Tiny RSS Remote Code Execution (CVE-2020-25787)
A remote code execution vulnerability exists in Tiny Tiny RSS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
TinyTinyRSS Remote Code Execution
!/usr/bin/env python3 Exploit Title: TinyTinyRSS remote code execution Date: 21 September 2020 made public Exploit Author: Daniel Neagaru & Benjamin Nadarević Blog post: https://www.digeex.de/blog/tinytinyrss/ Software Link: https://git.tt-rss.org/fox/tt-rss Version: all before 2020-09-16 Commit...
Tiny Tiny RSS - Remote Code Execution Exploit
Exploit Title: Tiny Tiny RSS - Remote Code Execution Exploit Author: Daniel Neagaru & Benjamin Nadarević Blog post: https://www.digeex.de/blog/tinytinyrss/ Software Link: https://git.tt-rss.org/fox/tt-rss Version: all before 2020-09-16 Commit with the fixes:...
Tiny Tiny RSS - Remote Code Execution
Exploit Title: Tiny Tiny RSS - Remote Code Execution Date: 21/09/2020 Exploit Author: Daniel Neagaru & Benjamin Nadarević Blog post: https://www.digeex.de/blog/tinytinyrss/ Software Link: https://git.tt-rss.org/fox/tt-rss Version: all before 2020-09-16 Commit with the fixes:...
CVE-2020-25787
creationtimestamp| type| source ---|---|--- 2020-12-31 19:27:18+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/1810 2021-09-21 06:42:51+00:00| published-proof-of-concept| https://t.me/pwnwikizhchannel/133 2024-11-14 06:08:16+00:00| seen|...
FreeBSD : tt-rss -- multiple vulnerabilities (2eec1e85-faf3-11ea-8ac0-4437e6ad11c4)
tt-rss project reports : The cachedurl feature mishandles JavaScript inside an SVG document. imgproxy in plugins/afproxyhttp/init.php mishandles $REQUEST'url' in an error message. It does not validate all URLs before requesting them. Allows remote attackers to execute arbitrary PHP code via a...
CVE-2020-25787
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. It does not validate all URLs before requesting them...
DEBIAN-CVE-2020-25787
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. It does not validate all URLs before requesting them...
UBUNTU-CVE-2020-25787
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. It does not validate all URLs before requesting them...
CVE-2020-25787
CVE-2020-25787 affects Tiny Tiny RSS (tt-rss) prior to 2020-09-16. The issue is that tt-rss does not validate all URLs before requesting them, enabling potential remote code execution as described by multiple sources. A number of connected documents provide concrete details: a known remote code e...