25 matches found
CVE-2020-19000
CVE-2020-19000: XSS in Simiki v1.6.2.1 and earlier allows remote attackers to execute arbitrary code via line 54 of simiki/blob/master/simiki/generators.py. Affected software: Simiki. Vulnerable component: generators.py. Impact per sources: CVSS2/4.3 (MEDIUM) and CVSS3.1/6.1 (MEDIUM). Exploitatio...
CVE-2020-19001
CVE-2020-19001 affects Simiki (v1.6.2.1 and earlier). The issue is a command injection vulnerability in the component at simiki/blob/master/simiki/config.py (line 64), enabling remote attackers to execute arbitrary system commands. The CVE is rated as high/critical by NVD (CVSSv3.1: CVSS:3.1/AV:N...
PT-2021-10269 · Simiki · Simiki
Name of the Vulnerable Software and Affected Versions: Simiki versions 1.6.2.1 and prior Description: The issue allows remote attackers to execute arbitrary system commands via line 64 of the component 'simiki/blob/master/simiki/config.py'. This enables attackers to potentially gain unauthorized...
Simiki 跨站脚本漏洞
Github Simiki is a simple wiki framework written in Python. A security vulnerability exists in Simiki v1.6.2.1 and earlier versions, which can be exploited to execute arbitrary code via line 54 of the component "Simiki/blob/master/Simiki/generators.py"...
Github Simiki 命令注入漏洞
Github Simiki is a simple wiki framework written in Python. Github Simiki suffers from a command injection vulnerability that stems from a command injection vulnerability in Simiki v1.6.2.1 and earlier versions. The vulnerability allows remote attackers to execute arbitrary system commands via li...