Vulnerabilities > Articatech > Artica Proxy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-20 | CVE-2020-15053 | Cross-site Scripting vulnerability in Articatech Artica Proxy An issue was discovered in Artica Proxy CE before 4.28.030.418. | 4.3 |
| 2020-07-20 | CVE-2020-15052 | SQL Injection vulnerability in Articatech Artica Proxy An issue was discovered in Artica Proxy CE before 4.28.030.418. | 5.0 |
| 2020-07-15 | CVE-2020-15051 | Cross-site Scripting vulnerability in Articatech Artica Proxy 4.28.030.418/4.28.030418 An issue was discovered in Artica Proxy before 4.30.000000. | 4.3 |
| 2020-06-22 | CVE-2020-13159 | OS Command Injection vulnerability in Articatech Artica Proxy 4.28.030.418/4.28.030418 Artica Proxy before 4.30.000000 Community Edition allows OS command injection via the Netbios name, Server domain name, dhclient_mac, Hostname, or Alias field. | 10.0 |
| 2020-06-22 | CVE-2020-13158 | Path Traversal vulnerability in Articatech Artica Proxy 4.28.030.418/4.28.030418 Artica Proxy before 4.30.000000 Community Edition allows Directory Traversal via the fw.progrss.details.php popup parameter. | 5.0 |
| 2020-03-22 | CVE-2020-10818 | OS Command Injection vulnerability in Articatech Artica Proxy 4.26 Artica Proxy 4.26 allows remote command execution for an authenticated user via shell metacharacters in the "Modify the hostname" field. | 6.5 |
| 2019-02-01 | CVE-2019-7300 | Insufficiently Protected Credentials vulnerability in Articatech Artica Proxy 3.06.200056 Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary commands as root by reading the ressources/settings.inc ldap_admin and ldap_password fields, using these credentials at logon.php, and then entering the commands in the admin.index.php command-line field. | 9.0 |
| 2017-12-07 | CVE-2017-17055 | OS Command Injection vulnerability in Articatech Artica Proxy Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by conducting a cross-site scripting (XSS) attack involving the username-form-id parameter to freeradius.users.php. | 8.5 |