Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:42 p.m.11 views

CVE-2020-5225

Log injection in SimpleSAMLphp before version 1.18.4. The www/erroreport.php script, which receives error reports and sends them via email to the system administrator, did not properly sanitize the report identifier obtained from the request. This allows an attacker, under specific circumstances,...

5.5CVSS7.1AI score0.00653EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2020/01/24 9:15 p.m.22 views

CVE-2020-5225

Log injection in SimpleSAMLphp before version 1.18.4. The www/erroreport.php script, which receives error reports and sends them via email to the system administrator, did not properly sanitize the report identifier obtained from the request. This allows an attacker, under specific circumstances,...

5.5CVSS6AI score0.00653EPSS
Exploits0References3
CVE
CVE
added 2020/01/24 8:55 p.m.84 views

CVE-2020-5225

The CVE-2020-5225 issue affects SimpleSAMLphp up to version 1.18.3, where the www/errorreport.php endpoint did not sanitize the reportID parameter, allowing an attacker to inject newline characters and append arbitrary log lines when the file logging handler is used. This could lead to log inject...

5.5CVSS5.1AI score0.00653EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2020/01/24 8:55 p.m.22 views

CVE-2020-5225

Log injection in SimpleSAMLphp before version 1.18.4. The www/erroreport.php script, which receives error reports and sends them via email to the system administrator, did not properly sanitize the report identifier obtained from the request. This allows an attacker, under specific circumstances,...

5.5CVSS5.6AI score0.00653EPSS
Exploits0
Rows per page
Query Builder