2 matches found
CVE-2020-19000
CVE-2020-19000: XSS in Simiki v1.6.2.1 and earlier allows remote attackers to execute arbitrary code via line 54 of simiki/blob/master/simiki/generators.py. Affected software: Simiki. Vulnerable component: generators.py. Impact per sources: CVSS2/4.3 (MEDIUM) and CVSS3.1/6.1 (MEDIUM). Exploitatio...
CVE-2020-19001
CVE-2020-19001 affects Simiki (v1.6.2.1 and earlier). The issue is a command injection vulnerability in the component at simiki/blob/master/simiki/config.py (line 64), enabling remote attackers to execute arbitrary system commands. The CVE is rated as high/critical by NVD (CVSSv3.1: CVSS:3.1/AV:N...