7 matches found
CVE-2020-15051
An issue was discovered in Artica Proxy before 4.30.000000. Stored XSS exists via the Server Domain Name, Your Email Address, Group Name, MYSQL Server, Database, MYSQL Username, Group Name, and Task Description fields...
Cross site scripting
An issue was discovered in Artica Proxy before 4.30.000000. Stored XSS exists via the Server Domain Name, Your Email Address, Group Name, MYSQL Server, Database, MYSQL Username, Group Name, and Task Description fields...
CVE-2020-15051
An issue was discovered in Artica Proxy before 4.30.000000. Stored XSS exists via the Server Domain Name, Your Email Address, Group Name, MYSQL Server, Database, MYSQL Username, Group Name, and Task Description fields...
CVE-2020-13159
Artica Proxy before 4.30.000000 Community Edition allows OS command injection via the Netbios name, Server domain name, dhclientmac, Hostname, or Alias field. NOTE: this may overlap CVE-2020-10818...
Command injection
Artica Proxy before 4.30.000000 Community Edition allows OS command injection via the Netbios name, Server domain name, dhclientmac, Hostname, or Alias field. NOTE: this may overlap CVE-2020-10818...
CVE-2020-13159
Artica Proxy before 4.30.000000 Community Edition allows OS command injection via the Netbios name, Server domain name, dhclientmac, Hostname, or Alias field. NOTE: this may overlap CVE-2020-10818...
CVE-2020-13159
CVE-2020-13159 concerns Artica Proxy, before 4.30.000000 Community Edition, allowing OS command injection via user-controllable fields: Netbios name, Server domain name, dhclient_mac, Hostname, or Alias. The issue stems from constructing OS commands from unfiltered input, enabling remote code exe...