Lucene search
K

28 matches found

Nuclei
Nuclei
added 2 days ago29 views

Artica Web Proxy 4.30 - OS Command Injection

Artica Web Proxy 4.30 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via servicecmdspeform. id: CVE-2020-17505 info: name: Artica Web Proxy 4.30 - OS Command Injection author: dwisiswant0...

9CVSS7.2AI score0.82165EPSS
Exploits4References5
RedhatCVE
RedhatCVE
added 2026/01/09 9:48 a.m.7 views

CVE-2020-17505

Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via servicecmdspeform...

9CVSS6.9AI score0.82165EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:16 p.m.8 views

CVE-2020-17506

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php...

9.8CVSS8.1AI score0.93967EPSS
Exploits7
VulnCheck KEV
VulnCheck KEV
added 2023/12/01 12:0 a.m.2 views

VulnCheck KEV: CVE-2020-17506

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php...

9.8CVSS7.4AI score0.93967EPSS
Exploits7References1
BDU FSTEC
BDU FSTEC
added 2021/04/01 12:0 a.m.5 views

The vulnerability of the fw.login.php component of the Artica Web Proxy management system allows a hacker to execute arbitrary code with root privileges.

The vulnerability of the fw.login.php component of the Artica Web Proxy server management system is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with root privileges...

10CVSS8.4AI score0.93967EPSS
Exploits7References4Affected Software1
CNVD
CNVD
added 2020/08/20 12:0 a.m.2 views

ArticaTech Artica Web Proxy SQL Injection Vulnerability

ArticaTech Artica Proxy is an open source Artica proxy solution from the French company ArticaTech. An SQL injection vulnerability exists in the 'apikey' parameter of the fw.login.php file in Artica Web Proxy version 4.30.00000000. A remote attacker can exploit this vulnerability to bypass...

9.8CVSS8.2AI score0.93967EPSS
Exploits7References1
OSV
OSV
added 2020/08/12 5:15 p.m.2 views

CVE-2020-17506

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php...

9.8CVSS7.4AI score0.93967EPSS
Exploits7References3
NVD
NVD
added 2020/08/12 5:15 p.m.24 views

CVE-2020-17505

Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via servicecmdspeform...

9CVSS8.7AI score0.82165EPSS
Exploits4References2
NVD
NVD
added 2020/08/12 5:15 p.m.20 views

CVE-2020-17506

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php...

9.8CVSS10AI score0.93967EPSS
Exploits7References3
Prion
Prion
added 2020/08/12 5:15 p.m.21 views

Command injection

Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via servicecmdspeform...

9CVSS8.6AI score0.82165EPSS
Exploits4References2Affected Software1
Prion
Prion
added 2020/08/12 5:15 p.m.27 views

Sql injection

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php...

7.5CVSS9.9AI score0.93967EPSS
Exploits7References3Affected Software1
CVE
CVE
added 2020/08/12 4:33 p.m.120 views

CVE-2020-17505

Artica Web Proxy 4.30.000000 is affected by CVE-2020-17505. AnAuthenticated attacker can inject commands via the service-cmds parameter in cyrus.php, with the injected commands executed as root through service_cmds_peform, yielding remote code execution. The issue is documented across multiple so...

9CVSS8.5AI score0.82165EPSS
In wildExploits4References2Affected Software1
Cvelist
Cvelist
added 2020/08/12 4:33 p.m.26 views

CVE-2020-17505

Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via servicecmdspeform...

8.7AI score0.82165EPSS
Exploits4References2
Cvelist
Cvelist
added 2020/08/12 4:33 p.m.35 views

CVE-2020-17506

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php...

10AI score0.93967EPSS
Exploits7References3
CVE
CVE
added 2020/08/12 4:33 p.m.192 views

CVE-2020-17506

CVE-2020-17506 affects Artica Web Proxy 4.30.00000000. The vulnerability is an SQL injection in the apikey parameter of fw.login.php that allows remote attackers to bypass privilege detection and gain web backend administrator privileges. Documents indicate this can lead to authentication bypass ...

9.8CVSS9.9AI score0.93967EPSS
In wildExploits7References3Affected Software1
Positive Technologies
Positive Technologies
added 2020/08/12 12:0 a.m.5 views

PT-2020-15027 · Artica · Artica Web Proxy

Name of the Vulnerable Software and Affected Versions: Artica Web Proxy version 4.30.000000 Description: The issue allows an authenticated remote attacker to inject commands via the service-cmds parameter in "cyrus.php". These commands are executed with root privileges through the service cmds...

9CVSS9AI score0.82165EPSS
Exploits4References4
Positive Technologies
Positive Technologies
added 2020/08/12 12:0 a.m.3 views

PT-2020-5817 · Artica · Artica Web Proxy

Name of the Vulnerable Software and Affected Versions: Artica Web Proxy version 4.30.00000000 Description: The issue is related to a lack of protection against SQL structure manipulation in the fw.login.php component. This can be exploited by a remote attacker to bypass privilege detection and ga...

10CVSS9.9AI score0.93967EPSS
Exploits7References7
Check Point Advisories
Check Point Advisories
added 2019/08/27 12:0 a.m.3 views

Artica Web Proxy Cross-site Scripting (CVE-2017-17055)

A cross-site scripting vulnerability exists in Artica Web Proxy. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

8.5CVSS5.1AI score0.08708EPSS
Exploits6
NVD
NVD
added 2017/12/07 2:29 a.m.12 views

CVE-2017-17055

Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by conducting a cross-site scripting XSS attack involving the username-form-id parameter to freeradius.users.php...

9CVSS8.6AI score0.08708EPSS
Exploits6References4
OSV
OSV
added 2017/12/07 2:29 a.m.3 views

CVE-2017-17055

Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by conducting a cross-site scripting XSS attack involving the username-form-id parameter to freeradius.users.php...

9CVSS6AI score0.08708EPSS
Exploits6References4
Rows per page
Query Builder