Vulnerabilities > Mitre
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-07-12 | CVE-2020-19907 | OS Command Injection vulnerability in Mitre Caldera A command injection vulnerability in the sandcat plugin of Caldera 2.3.1 and earlier allows authenticated attackers to execute any command or service. | 8.8 |
2020-06-19 | CVE-2020-14462 | Cross-site Scripting vulnerability in Mitre Caldera 2.7.0 CALDERA 2.7.0 allows XSS via the Operation Name box. | 3.5 |
2020-03-22 | CVE-2020-10807 | Missing Authentication for Critical Function vulnerability in Mitre Caldera auth_svc in Caldera before 2.6.5 allows authentication bypass (for REST API requests) via a forged "localhost" string in the HTTP Host header. | 5.0 |
2008-10-23 | CVE-2008-4704 | Code Injection vulnerability in Mitre Sezhoo 0.1 PHP remote file inclusion vulnerability in SezHooTabsAndActions.php in SezHoo 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter. | 10.0 |