Proxy CE
by Artica
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-13158 | 0.07 | — | 0.54 | Jun 22, 2020 | Artica Proxy before 4.30.000000 Community Edition allows Directory Traversal via the fw.progrss.details.php popup parameter. | |||
| CVE-2021-41739 | 0.01 | — | 0.03 | May 5, 2022 | A OS Command Injection vulnerability was discovered in Artica Proxy 4.30.000000. Attackers can execute OS commands in cyrus.events.php with GET param logs and POST param rp. | |||
| CVE-2020-15053 | 0.01 | — | 0.02 | Jul 20, 2020 | An issue was discovered in Artica Proxy CE before 4.28.030.418. Reflected XSS exists via these search fields: real time request, System Events, Proxy Events, Proxy Objects, and Firewall objects. | |||
| CVE-2020-15052 | 0.01 | — | 0.02 | Jul 20, 2020 | An issue was discovered in Artica Proxy CE before 4.28.030.418. SQL Injection exists via the Netmask, Hostname, and Alias fields. | |||
| CVE-2020-10818 | 0.01 | — | 0.03 | Mar 22, 2020 | Artica Proxy 4.26 allows remote command execution for an authenticated user via shell metacharacters in the "Modify the hostname" field. | |||
| CVE-2022-37153 | 0.00 | — | 0.01 | Aug 24, 2022 | An issue was discovered in Artica Proxy 4.30.000000. There is a XSS vulnerability via the password parameter in /fw.login.php. | |||
| CVE-2021-40680 | 0.00 | — | 0.01 | Apr 25, 2022 | There is a Directory Traversal vulnerability in Artica Proxy (4.30.000000 SP206 through SP255, and VMware appliance 4.30.000000 through SP273) via the filename parameter to /cgi-bin/main.cgi. |
- CVE-2020-13158Jun 22, 2020risk 0.07cvss —epss 0.54
Artica Proxy before 4.30.000000 Community Edition allows Directory Traversal via the fw.progrss.details.php popup parameter.
- CVE-2021-41739May 5, 2022risk 0.01cvss —epss 0.03
A OS Command Injection vulnerability was discovered in Artica Proxy 4.30.000000. Attackers can execute OS commands in cyrus.events.php with GET param logs and POST param rp.
- CVE-2020-15053Jul 20, 2020risk 0.01cvss —epss 0.02
An issue was discovered in Artica Proxy CE before 4.28.030.418. Reflected XSS exists via these search fields: real time request, System Events, Proxy Events, Proxy Objects, and Firewall objects.
- CVE-2020-15052Jul 20, 2020risk 0.01cvss —epss 0.02
An issue was discovered in Artica Proxy CE before 4.28.030.418. SQL Injection exists via the Netmask, Hostname, and Alias fields.
- CVE-2020-10818Mar 22, 2020risk 0.01cvss —epss 0.03
Artica Proxy 4.26 allows remote command execution for an authenticated user via shell metacharacters in the "Modify the hostname" field.
- CVE-2022-37153Aug 24, 2022risk 0.00cvss —epss 0.01
An issue was discovered in Artica Proxy 4.30.000000. There is a XSS vulnerability via the password parameter in /fw.login.php.
- CVE-2021-40680Apr 25, 2022risk 0.00cvss —epss 0.01
There is a Directory Traversal vulnerability in Artica Proxy (4.30.000000 SP206 through SP255, and VMware appliance 4.30.000000 through SP273) via the filename parameter to /cgi-bin/main.cgi.