Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-5918

Malware in sbrugna...

9CVSS7.5AI score0.17772EPSS
Exploits8References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-5917

Malware in sbrugna...

9CVSS7.5AI score0.17772EPSS
Exploits8References2
RedhatCVE
RedhatCVE
added 2025/05/22 3:45 p.m.5 views

CVE-2020-13695

In QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8, the local www-data user has sudo privileges to execute grep as root without a password, which allows an attacker to obtain sensitive information via a grep of a /root/.db or /etc/shadow file...

9CVSS6.5AI score0.01404EPSS
Exploits1
OSV
OSV
added 2020/06/01 6:15 p.m.20 views

CVE-2020-13695

In QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8, the local www-data user has sudo privileges to execute grep as root without a password, which allows an attacker to obtain sensitive information via a grep of a /root/.db or /etc/shadow file...

7.2CVSS6.7AI score0.17772EPSS
Exploits7References1
CVE
CVE
added 2020/06/01 5:45 p.m.85 views

CVE-2020-13695

CVE-2020-13695 affects QuickBox Community Edition up to 2.5.5 and QuickBox Pro up to 2.1.8. The local www-data user has passwordless sudo privileges to run grep as root, enabling an attacker to read sensitive files such as /root/*.db and /etc/shadow. This results in potential exposure of confiden...

9CVSS7.2AI score0.01404EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2020/06/01 4:15 p.m.22 views

CVE-2020-13694

In QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8, the local www-data user can execute sudo mysql without a password, which means that the www-data user can execute arbitrary OS commands via the mysql -e option...

8.8CVSS7.8AI score0.17772EPSS
Exploits7References1
Prion
Prion
added 2020/06/01 4:15 p.m.23 views

Command injection

QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8 allows an authenticated remote attacker to execute code on the server via command injection in the servicestart parameter...

9CVSS8.9AI score0.17772EPSS
Exploits7References2Affected Software1
CVE
CVE
added 2020/06/01 3:19 p.m.73 views

CVE-2020-13694

Technical details for CVE-2020-13694 are not provided in the connected documents; the available sources lack affected product/version/impact specifics beyond the initial description. Monitor for updates.

9CVSS8.8AI score0.01669EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder