Vulnerabilities > Mitre

DATE	CVE	VULNERABILITY TITLE	RISK
2021-07-12	CVE-2020-19907	OS Command Injection vulnerability in Mitre Caldera A command injection vulnerability in the sandcat plugin of Caldera 2.3.1 and earlier allows authenticated attackers to execute any command or service. network low complexity mitre CWE-78	8.8
2020-06-19	CVE-2020-14462	Cross-site Scripting vulnerability in Mitre Caldera 2.7.0 CALDERA 2.7.0 allows XSS via the Operation Name box. network mitre CWE-79	3.5
2020-03-22	CVE-2020-10807	Missing Authentication for Critical Function vulnerability in Mitre Caldera auth_svc in Caldera before 2.6.5 allows authentication bypass (for REST API requests) via a forged "localhost" string in the HTTP Host header. network low complexity mitre CWE-306	5.0
2008-10-23	CVE-2008-4704	Code Injection vulnerability in Mitre Sezhoo 0.1 PHP remote file inclusion vulnerability in SezHooTabsAndActions.php in SezHoo 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter. network low complexity mitre CWE-94 critical	10.0

Vulnerabilities > Mitre {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Mitre"}]}