CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-5520

Malware in sbrugna...

9.3CVSS7.3AI score0.01205EPSS

Exploits6References3

Check Point Advisories•added 2020/11/25 12:0 a.m.•6 views

RAD SecFlow-1v Cross Site Request Forgery (CVE-2020-13259)

A cross site request forgery vulnerability exists in RAD SecFlow-1v. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9.3CVSS5.6AI score0.01205EPSS

Exploits6

NVD•added 2020/09/17 8:15 p.m.•10 views

CVE-2020-13260

A vulnerability in the web-based management interface of RAD SecFlow-1v through 2020-05-21 could allow an authenticated attacker to upload a JavaScript file, with a stored XSS payload, that will remain stored in the system as an OVPN file in Configuration-Services-Security-OpenVPN-Config or as th...

6.1CVSS0.02046EPSS

Exploits5References3

Prion•added 2020/09/17 8:15 p.m.•15 views

Cross site scripting

4.3CVSS7AI score0.02046EPSS

Exploits7References3Affected Software1

Cvelist•added 2020/09/17 7:49 p.m.•13 views

CVE-2020-13260

7AI score0.02046EPSS

Exploits5References3

CVE•added 2020/09/17 7:49 p.m.•69 views

CVE-2020-13260

The CVE-2020-13260 entry concerns RAD SecFlow-1v web-based management interface (SF_0290_2.3.01.26). A vulnerability allows an authenticated attacker to upload a JavaScript file as a stored XSS payload, which is saved in the system as an OVPN config or a static key file. The payload executes when...

6.1CVSS6.8AI score0.02046EPSS

Exploits5References3Affected Software1

NVD•added 2020/09/16 7:15 p.m.•12 views

CVE-2020-13259

A vulnerability in the web-based management interface of RAD SecFlow-1v os-image SF02902.3.01.26 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on a...

9.3CVSS0.01205EPSS

Exploits6References2

Cvelist•added 2020/09/16 6:27 p.m.•17 views

CVE-2020-13259

7.7AI score0.01205EPSS

Exploits6References2

CVE•added 2020/09/16 6:27 p.m.•80 views

CVE-2020-13259

CVE-2020-13259 affects RAD SecFlow-1v os-image SF_0290_2.3.01.26: a CSRF weakness in the web UI allows an unauthenticated attacker to perform actions via a persuaded user, potentially with the user’s privileges. The CVSSv3.1 base score is 8.8 (HIGH); exploit scenario requires user interaction. Th...

9.3CVSS7.5AI score0.01205EPSS

Exploits6References2Affected Software1

Packet Storm•added 2020/09/14 12:0 a.m.•510 views

RAD SecFlow-1v SF_0290_2.3.01.26 Cross Site Request Forgery

Exploit Title: RAD SecFlow-1v SF02902.3.01.26 - Cross-Site Request Forgery Reboot Date: 2020-08-31 Exploit Author: Uriel Yochpaz and Jonatan Schor Vendor Homepage: https://www.rad.com/products/secflow-1v-IIoT-Gateway Version: SecFlow-1v os-image SF02902.3.01.26 Tested on: RAD SecFlow-1v CVE : N/A...

0.7AI score0.02046EPSS

Exploits7

Packet Storm•added 2020/09/14 12:0 a.m.•506 views

RAD SecFlow-1v SF_0290_2.3.01.26 Cross Site Scripting

Exploit Title: RAD SecFlow-1v SF02902.3.01.26 - Persistent Cross-Site Scripting Date: 2020-08-31 Exploit Author: Jonatan Schor and Uriel Yochpaz Vendor Homepage: https://www.rad.com/products/secflow-1v-IIoT-Gateway Version: SecFlow-1v os-image SF02902.3.01.26 Tested on: RAD SecFlow-1v CVE : N/A A...

0.1AI score0.02046EPSS

Exploits7