VYPR

Proxy CE

by Artica

CVEs (7)

  • CVE-2020-13158Jun 22, 2020
    risk 0.07cvss epss 0.54

    Artica Proxy before 4.30.000000 Community Edition allows Directory Traversal via the fw.progrss.details.php popup parameter.

  • CVE-2021-41739May 5, 2022
    risk 0.01cvss epss 0.03

    A OS Command Injection vulnerability was discovered in Artica Proxy 4.30.000000. Attackers can execute OS commands in cyrus.events.php with GET param logs and POST param rp.

  • CVE-2020-15053Jul 20, 2020
    risk 0.01cvss epss 0.02

    An issue was discovered in Artica Proxy CE before 4.28.030.418. Reflected XSS exists via these search fields: real time request, System Events, Proxy Events, Proxy Objects, and Firewall objects.

  • CVE-2020-15052Jul 20, 2020
    risk 0.01cvss epss 0.02

    An issue was discovered in Artica Proxy CE before 4.28.030.418. SQL Injection exists via the Netmask, Hostname, and Alias fields.

  • CVE-2020-10818Mar 22, 2020
    risk 0.01cvss epss 0.03

    Artica Proxy 4.26 allows remote command execution for an authenticated user via shell metacharacters in the "Modify the hostname" field.

  • CVE-2022-37153Aug 24, 2022
    risk 0.00cvss epss 0.01

    An issue was discovered in Artica Proxy 4.30.000000. There is a XSS vulnerability via the password parameter in /fw.login.php.

  • CVE-2021-40680Apr 25, 2022
    risk 0.00cvss epss 0.01

    There is a Directory Traversal vulnerability in Artica Proxy (4.30.000000 SP206 through SP255, and VMware appliance 4.30.000000 through SP273) via the filename parameter to /cgi-bin/main.cgi.