» 2020 » 2월

CVE-2020-1697

Posted on 2020년 2월 11일2020년 2월 11일 by admin

CVE-2020-1697

It was found in all keycloak versions before 9.0.0 that links to external applications (Application Links) in the admin console are not validated properly and could allow Stored XSS attacks. An authed malicious user could create URLs to trick users in other realms, and possibly conduct further attacks.

Source: CVE-2020-1697

CVE-2014-5086

Posted on 2020년 2월 11일2020년 2월 11일 by admin

CVE-2014-5086

A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5086 pertains to instances of fwrite in Sphider Pro and Sphider Plus only, but don?t exist in Sphider.

Source: CVE-2014-5086

CVE-2014-5085

Posted on 2020년 2월 11일2020년 2월 11일 by admin

CVE-2014-5085

A Command Execution vulnerability exists in Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5085 pertains to instances of fwrite in Sphider Plus, but do not exist in either Sphider or Sphider Pro.

Source: CVE-2014-5085

CVE-2014-5084

Posted on 2020년 2월 11일2020년 2월 11일 by admin

CVE-2014-5084

A Command Execution vulnerability exists in Sphider Pro 3.2 due to insufficient sanitization of fwrite, which could let a remote malicious user execute arbitrary code. CVE-2014-5084 pertains to instances of fwrite in Sphider Pro only, but do not exist in either Sphider or Sphider Plus.

Source: CVE-2014-5084

CVE-2014-5083

Posted on 2020년 2월 11일2020년 2월 11일 by admin

CVE-2014-5083

A Command Execution vulnerability exists in Sphider before 1.3.6 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5083 pertains to instances of fwrite in Sphider.

Source: CVE-2014-5083