DOMOS 5.5 - Local File Inclusion

SECUDOS DOMOS before 5.6 allows local file inclusion via the log module. id: CVE-2019-18665 info: name: DOMOS 5.5 - Local File Inclusion author: 0xAkoko severity: high description: | SECUDOS DOMOS before 5.6 allows local file inclusion via the log module. impact: | Successful exploitation of this...

CVE-2023-40361

SECUDOS Qiata DOMOS OS 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user...

CVE-2019-18664

The Log module in SECUDOS DOMOS before 5.6 allows XSS...

CVE-2019-18665

The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion...

EUVD-2019-8381

Malware in sbrugna...

EUVD-2020-6447

Malware in sbrugna...

EUVD-2023-44932

Malicious code in bioql PyPI...

CVE-2020-14293

confdatetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field obtained from the web interface...

CVE-2020-14294

An issue was discovered in Secudos Qiata FTA 1.70.19. The comment feature allows persistent XSS that is executed when reading transfer comments or the global notice board...

CVE-2023-40361

SECUDOS Qiata DOMOS OS 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user...

CVE-2023-40361

SECUDOS Qiata DOMOS OS 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user...

Design/Logic Flaw

SECUDOS Qiata DOMOS OS 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user...

CVE-2023-40361

CVE-2023-40361 affects SECUDOS Qiata (DOMOS OS) 4.13. The issue arises from insecure permissions on the previewRm.sh daily cronjob: every user on the system has write access to previewRm.sh, which is executed by root, enabling a low-privilege user to modify the script and potentially escalate pri...

CVE-2023-40361

SECUDOS Qiata DOMOS OS 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user...

CVE-2023-40361

SECUDOS Qiata DOMOS OS 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user...

secudos qiata fta security breach

secudos qiata fta is a secure file transfer software from Secudos Germany. The software is suitable for file operations between teams and complies with the GDPR protocol for data security. A security vulnerability exists in SECUDOS Qiata version 4.13, which stems from the presence of insecure...

CVE-2020-14294

An issue was discovered in Secudos Qiata FTA 1.70.19. The comment feature allows persistent XSS that is executed when reading transfer comments or the global notice board...

CVE-2020-14294

An issue was discovered in Secudos Qiata FTA 1.70.19. The comment feature allows persistent XSS that is executed when reading transfer comments or the global notice board...

CVE-2020-14293

confdatetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field obtained from the web interface...

Design/Logic Flaw

An issue was discovered in Secudos Qiata FTA 1.70.19. The comment feature allows persistent XSS that is executed when reading transfer comments or the global notice board...