26 matches found
EUVD-2020-10890
Malware in sbrugna...
CVE-2020-19038
File Deletion vulnerability in Halo 0.4.3 via delBackup...
CVE-2020-19037
Incorrect Access Control vulnearbility in Halo 0.4.3, which allows a malicious user to bypass encrption to view encrpted articles via cookies...
CVE-2020-19037
Incorrect Access Control vulnearbility in Halo 0.4.3, which allows a malicious user to bypass encrption to view encrpted articles via cookies...
CVE-2020-19038
File Deletion vulnerability in Halo 0.4.3 via delBackup...
CVE-2020-19038
File Deletion vulnerability in Halo 0.4.3 via delBackup...
CVE-2020-18982
Cross Sie Scripting XSS vulnerability in Halo 0.4.3 via CommentAuthorUrl...
CVE-2020-19037
Incorrect Access Control vulnearbility in Halo 0.4.3, which allows a malicious user to bypass encrption to view encrpted articles via cookies...
Cross site scripting
Cross Sie Scripting XSS vulnerability in Halo 0.4.3 via CommentAuthorUrl...
Arbitrary file deletion
File Deletion vulnerability in Halo 0.4.3 via delBackup...
CVE-2020-19038
CVE-2020-19038 affects Halo version 0.4.3 and is described as a File Deletion vulnerability via the delBackup function. The connected documents consistently identify Halo 0.4.3 as vulnerable to arbitrary file deletion through delBackup, indicating a flaw in the handling of that function. The root...
CVE-2020-19038
File Deletion vulnerability in Halo 0.4.3 via delBackup...
CVE-2020-19037
The CVE-2020-19037 entry concerns Halo 0.4.3 with an incorrect access control vulnerability that allows a malicious user to bypass encryption and view encrypted articles via cookies. The root cause is improper access control. The connected documents provide concrete details about the affected pro...
CVE-2020-19037
Incorrect Access Control vulnearbility in Halo 0.4.3, which allows a malicious user to bypass encrption to view encrpted articles via cookies...
CVE-2020-18982
CVE-2020-18982 is a Cross-Site Scripting (XSS) vulnerability affecting Halo version 0.4.3, exploitable via the CommentAuthorUrl parameter. The incident is documented across multiple feeds (NVD, Red Hat, CNVD, OSV, etc.) with consistent wording: Halo 0.4.3 is vulnerable to XSS through CommentAutho...
CVE-2020-18982
Cross Sie Scripting XSS vulnerability in Halo 0.4.3 via CommentAuthorUrl...
CVE-2020-18980
Remote Code Executon vulnerability in Halo 0.4.3 via the remoteAddr and themeName parameters...
CVE-2020-18980
Remote Code Executon vulnerability in Halo 0.4.3 via the remoteAddr and themeName parameters...
CVE-2020-18979
Cross Siste Scripting XSS vulnerablity in Halo 0.4.3 via the X-forwarded-for Header parameter...
CVE-2020-18979
Cross Siste Scripting XSS vulnerablity in Halo 0.4.3 via the X-forwarded-for Header parameter...