CVSS: 9.3EPSS: 92%CPEs: 8EXPL: 10CVE-2020-8813 – Cacti 1.2.8 - Unauthenticated Remote Code Execution
https://notcve.org/view.php?id=CVE-2020-8813
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege. El archivo graph_realtime.php en Cacti versión 1.2.8, permite a atacantes remotos ejecutar comandos arbitrarios de Sistema Operativo por medio de metacaracteres de shell en una cookie, si un usuario invitado posee el privilegio graph real-time. graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie if a guest user has the graph real-time privilege. • https://www.exploit-db.com/exploits/48145 https://www.exploit-db.com/exploits/48144 https://github.com/mhaskar/CVE-2020-8813 https://github.com/p0dalirius/CVE-2020-8813-Cacti-RCE-in-graph_realtime https://github.com/hexcowboy/CVE-2020-8813 https://github.com/0xm4ud/Cacti-CVE-2020-8813 http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html http://packetstormsecurity.com/files/156537/Cacti- • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 1CVE-2019-15624
https://notcve.org/view.php?id=CVE-2019-15624
Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders. Una Comprobación de Entrada Inapropiada en Nextcloud Server versión 15.0.7, permite a los administradores de grupo crear usuarios con los ID de carpetas del sistema. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html https://hackerone.com/reports/508493 https://nextcloud.com/security/advisory/?id=NC-SA-2019-015 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 1CVE-2020-8118
https://notcve.org/view.php?id=CVE-2020-8118
An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application. Un ataque de tipo server-side request forgery autenticado en Nextcloud versión 16.0.1, permitió detectar servicios locales y remotos al agregar una nueva suscripción en la aplicación calendar. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html https://hackerone.com/reports/427835 https://nextcloud.com/security/advisory/?id=NC-SA-2019-014 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 4.0EPSS: 0%CPEs: 6EXPL: 0CVE-2019-18900 – libzypp stores cookies world readable
https://notcve.org/view.php?id=CVE-2019-18900
: Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies. This issue affects: SUSE CaaS Platform 3.0 libzypp versions prior to 16.21.2-27.68.1. SUSE Linux Enterprise Server 12 libzypp versions prior to 16.21.2-2.45.1. SUSE Linux Enterprise Server 15 17.19.0-3.34.1. Una vulnerabilidad de Permisos Predeterminados Incorrectos en libzypp de SUSE CaaS Platform versión 3.0, SUSE Linux Enterprise Server versión12, SUSE Linux Enterprise Server versión 15, permitió a atacantes locales leer un almacén de cookies utilizado por libzypp, exponiendo cookies privadas. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00036.html https://bugzilla.suse.com/show_bug.cgi?id=1158763 https://lists.debian.org/debian-lts-announce/2020/03/msg00005.html • CWE-276: Incorrect Default Permissions •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 2CVE-2020-5504
https://notcve.org/view.php?id=CVE-2020-5504
In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server. En phpMyAdmin versiones 4 anteriores a 4.9.4 y versiones 5 anteriores a 5.0.1, una inyección SQL se presenta en la página de cuentas de usuario. Un usuario malicioso podría inyectar SQL personalizado en lugar de su propio nombre de usuario cuando crea consultas en esta página. • https://github.com/xMohamed0/CVE-2020-5504-phpMyAdmin http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html https://cybersecurityworks.com/zerodays/cve-2020-5504-phpmyadmin.html https://lists.debian.org/debian-lts-announce/2020/01/msg00011.html https://www.phpmyadmin.net/security/PMASA-2020-1 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •