CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

434 matches found

Artica Proxy 4.30.000000 - Cross-Site Scripting

Artica Proxy 4.30.000000 contains a cross-site scripting vulnerability via the password parameter in /fw.login.php. id: CVE-2022-37153 info: name: Artica Proxy 4.30.000000 - Cross-Site Scripting author: arafatansari severity: medium description: | Artica Proxy 4.30.000000 contains a cross-site...

6.1CVSS6.1AI score0.04408EPSS

Exploits1References5

Nuclei•added yesterday•22 views

Pandora FMS 7.0NG - Remote Command Injection

Pandora FMS 7.0NG allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ipsrc parameter in an index.php?operation/netflow/nfliveview request. id: CVE-2019-20224 info: name: Pandora FMS 7.0NG - Remote Command Injection author: ritikchaddha severity: hig...

9CVSS7.5AI score0.93613EPSS

Exploits5References5

Nuclei•added yesterday•78 views

Artica Web Proxy 4.30 - Authentication Bypass/SQL Injection

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php. id: CVE-2020-17506 info: name: Artica Web Proxy 4.30 - Authentication Bypass/SQL Injection author:...

9.8CVSS7.4AI score0.91971EPSS

Exploits7References5

Nuclei•added yesterday•7 views

Artica Proxy - Unauthenticated LFI

The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user. This issue was demonstrated on version 4.50 of the The Artica-Proxy administrative web application attempts to...

7.5CVSS7.5AI score0.36545EPSS

Exploits4References3

Nuclei•added 2 days ago•28 views

Artica Web Proxy 4.30 - OS Command Injection

Artica Web Proxy 4.30 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via servicecmdspeform. id: CVE-2020-17505 info: name: Artica Web Proxy 4.30 - OS Command Injection author: dwisiswant0...

9CVSS7.3AI score0.89636EPSS

Exploits4References5

Nuclei•added 4 days ago•100 views

Artica Pandora FMS 7.44 - Remote Code Execution

Artica Pandora FMS 7.44 allows remote command execution via the events feature. id: CVE-2020-13851 info: name: Artica Pandora FMS 7.44 - Remote Code Execution author: theamanrawat severity: high description: | Artica Pandora FMS 7.44 allows remote command execution via the events feature. impact:...

9CVSS7.4AI score0.93952EPSS

Exploits4References4

Nuclei•added 2026/05/29 3:59 a.m.•26 views

Artica Proxy Community Edition <4.30.000000 - Local File Inclusion

Artica Proxy Community Edition before 4.30.000000 is vulnerable to local file inclusion via the fw.progrss.details.php popup parameter. id: CVE-2020-13158 info: name: Artica Proxy Community Edition 4.30.000000 - Local File Inclusion author: 0xAkoko severity: high description: Artica Proxy Communi...

7.5CVSS7.2AI score0.93233EPSS

Exploits1References5

VulnCheck KEV•added 2026/04/08 12:0 a.m.•1 views

VulnCheck KEV: CVE-2020-8497

In Artica Pandora FMS through 7.42, an unauthenticated attacker can read the chat history. The file is in JSON format and it contains user names, user IDs, private messages, and timestamps...

5.3CVSS5.8AI score0.22366EPSS

In wildExploits1References2

VulnCheck KEV•added 2026/02/02 12:0 a.m.•3 views

VulnCheck KEV: CVE-2024-2053

7.5CVSS6.3AI score0.36545EPSS

In wildExploits4References3

RedhatCVE•added 2026/01/09 11:36 a.m.•3 views

CVE-2021-41739

A OS Command Injection vulnerability was discovered in Artica Proxy 4.30.000000. Attackers can execute OS commands in cyrus.events.php with GET param logs and POST param rp...

9.8CVSS7.8AI score0.06738EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:50 a.m.•5 views

CVE-2022-37153

An issue was discovered in Artica Proxy 4.30.000000. There is a XSS vulnerability via the password parameter in /fw.login.php...

6.1CVSS6.2AI score0.04408EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:58 a.m.•7 views

CVE-2020-7935

Artica Pandora FMS through 7.42 is vulnerable to remote PHP code execution because of an Unrestricted Upload Of A File With A Dangerous Type issue in the File Manager. An attacker can create a or use an existing directory that is externally accessible to store PHP files. The filename and the exac...

7.2CVSS7.2AI score0.00445EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:52 a.m.•5 views

CVE-2020-10818

Artica Proxy 4.26 allows remote command execution for an authenticated user via shell metacharacters in the "Modify the hostname" field...

7.2CVSS7.1AI score0.07561EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:48 a.m.•4 views

CVE-2020-17505

Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via servicecmdspeform...

9CVSS6.9AI score0.89636EPSS

Exploits4References1

RedhatCVE•added 2026/01/07 9:34 a.m.•4 views

CVE-2019-7300

Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary commands as root by reading the ressources/settings.inc ldapadmin and ldappassword fields, using these credentials at logon.php, and then entering the commands in the admin.index.php command-line field...

9CVSS8.1AI score0.02722EPSS

Exploits1References1