Lucene search
K

9 matches found

CNNVD
CNNVD
added 2025/10/30 12:0 a.m.3 views

IBM Sterling Connect Direct for Unix 安全漏洞

IBM Sterling Connect Direct for Unix is a file transfer program from International Business Machines IBM. A security vulnerability exists in IBM Sterling Connect Direct for Unix versions 6.2.0.7 through 6.2.0.9, iFix004 and 6.4.0.0 through 6.4.0.2, iFix001 and 6.3.0.2 through 6.3.0.5, iFix002,...

7.2CVSS6.5AI score0.00322EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.17 views

EUVD-2020-3437

Malware in sbrugna...

9CVSS8.6AI score0.10949EPSS
Exploits7References5
Tenable Nessus
Tenable Nessus
added 2025/09/02 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2020-11060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an...

9CVSS7.8AI score0.10949EPSS
Exploits7References2
RedhatCVE
RedhatCVE
added 2022/05/20 11:28 p.m.37 views

CVE-2020-11060

In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only conceivable by an account...

9CVSS4.7AI score0.10949EPSS
Exploits7References1
OSV
OSV
added 2020/05/12 8:15 p.m.24 views

CVE-2020-11060

In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only conceivable by an account...

8.8CVSS6.8AI score
Exploits0References3
Prion
Prion
added 2020/05/12 8:15 p.m.34 views

Cross site request forgery (csrf)

In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only conceivable by an account...

9CVSS8.6AI score0.10949EPSS
Exploits7References3Affected Software1
UbuntuCve
UbuntuCve
added 2020/05/12 8:15 p.m.33 views

CVE-2020-11060

In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only conceivable by an account...

9CVSS7.3AI score0.10949EPSS
Exploits7References3
Cvelist
Cvelist
added 2020/05/12 7:30 p.m.55 views

CVE-2020-11060 Remote Code Execution in GLPI

In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only conceivable by an account...

7.4CVSS8.6AI score0.10949EPSS
Exploits7References3
FreeBSD
FreeBSD
added 2020/03/30 12:0 a.m.63 views

glpi -- Remote Code Execution (RCE) via the backup functionality

MITRE Corporation reports: In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only...

9CVSS3.9AI score0.10949EPSS
Exploits7References2
Rows per page
Query Builder