Skip to main content
CVE-2020-10808 HIGH POC PATCH THREAT Act Now

Vesta Control Panel (VestaCP) through 0.9.8-26 allows Command Injection via the schedule/backup Backup Listing Endpoint. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Command Injection Vesta Control Panel
NVD GitHub
CVSS 3.1
8.8
EPSS
77.3%
CVE-2020-10818 HIGH POC This Week

Artica Proxy 4.26 allows remote command execution for an authenticated user via shell metacharacters in the "Modify the hostname" field. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Artica Proxy
NVD
CVSS 3.1
7.2
EPSS
2.9%
CVE-2020-10802 HIGH PATCH This Week

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity.

SQLi PHP Phpmyadmin Debian Linux Fedora +3
NVD
CVSS 3.1
8.0
EPSS
2.1%
CVE-2020-10804 HIGH PATCH This Week

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Phpmyadmin Fedora Backports Sle +2
NVD
CVSS 3.1
8.0
EPSS
2.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy