Filtered by vendor Secudos
Subscribe
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-40361 | 1 Secudos | 1 Qiata | 2024-02-28 | N/A | 7.8 HIGH |
| SECUDOS Qiata (DOMOS OS) 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user. | |||||
| CVE-2020-14294 | 1 Secudos | 1 Qiata Fta | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Secudos Qiata FTA 1.70.19. The comment feature allows persistent XSS that is executed when reading transfer comments or the global notice board. | |||||
| CVE-2020-14293 | 1 Secudos | 1 Domos | 2024-02-28 | 8.5 HIGH | 7.5 HIGH |
| conf_datetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field (obtained from the web interface). | |||||
| CVE-2019-18665 | 1 Secudos | 1 Domos | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion. | |||||
| CVE-2019-18664 | 1 Secudos | 1 Domos | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
| The Log module in SECUDOS DOMOS before 5.6 allows XSS. | |||||