Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2025/05/22 3:33 p.m.4 views

CVE-2020-35579

tindy2013 subconverter 0.6.4 has a /sub?target=%TARGET%=%URL%=%CONFIG% API endpoint that accepts an arbitrary %URL% value and launches a GET request for it, but does not consider that the external request target may indirectly redirect back to this original /sub endpoint. Thus, a request loop and...

7.5CVSS7AI score0.00433EPSS
Exploits1
CNNVD
CNNVDadded 2022/05/19 12:0 a.m.1 views

Subconverter 代码问题漏洞

Tindy2013 Subconverter is a C++-based proxy subscription software by the individual developer of Tindy2013. A security vulnerability exists in Subconverter version v0.7.2, which can be exploited by attackers to execute arbitrary code via specially crafted configuration and URL parameters...

9.8CVSS8.8AI score0.04158EPSS
Exploits1References3
OSV
OSVadded 2020/12/20 7:15 a.m.11 views

CVE-2020-35579

tindy2013 subconverter 0.6.4 has a /sub?target=%TARGET%&url=%URL%&config=%CONFIG% API endpoint that accepts an arbitrary %URL% value and launches a GET request for it, but does not consider that the external request target may indirectly redirect back to this original /sub endpoint. Thus, a reque...

7.5CVSS7AI score
Exploits0References1
Prion
Prionadded 2020/12/20 7:15 a.m.9 views

Cross site request forgery (csrf)

tindy2013 subconverter 0.6.4 has a /sub?target=%TARGET%&url=%URL%&config=%CONFIG% API endpoint that accepts an arbitrary %URL% value and launches a GET request for it, but does not consider that the external request target may indirectly redirect back to this original /sub endpoint. Thus, a reque...

5CVSS7.5AI score0.00433EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2020/12/20 6:31 a.m.59 views

CVE-2020-35579

CVE-2020-35579 affects tindy2013 subconverter 0.6.4. The API endpoint /sub?target=%TARGET%&url=%URL%&config=%CONFIG% accepts an arbitrary URL value and issues a GET request for it, but does not account for the external request target redirecting back to the original /sub endpoint. This can create...

7.5CVSS7.5AI score0.00433EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2020/12/20 6:31 a.m.9 views

CVE-2020-35579

tindy2013 subconverter 0.6.4 has a /sub?target=%TARGET%&url=%URL%&config=%CONFIG% API endpoint that accepts an arbitrary %URL% value and launches a GET request for it, but does not consider that the external request target may indirectly redirect back to this original /sub endpoint. Thus, a reque...

7.6AI score0.00433EPSS
Exploits1References1
CNNVD
CNNVDadded 2020/12/20 12:0 a.m.2 views

Tindy2013 Subconverter Security Vulnerability

Tindy2013 Subconverter is a C++ based proxy subscription software by the individual developer of Tindy2013. A security vulnerability exists in Tindy2013 Subconverter version 0.6.4, which can lead to request loops and denial of service...

7.5CVSS7.1AI score0.00433EPSS
Exploits1References2
Rows per page
Query Builder