Skip to main content
CVE-2020-35729 CRITICAL POC THREAT Emergency

KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection PHP Klog Server
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
88.0%
CVE-2020-7845 CRITICAL Act Now

Spamsniper 5.0 ~ 5.2.7 contain a stack-based buffer overflow vulnerability caused by improper boundary checks when parsing MAIL FROM command. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Spamsniper
NVD
CVSS 3.1
9.8
EPSS
2.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy