Lucene search
GoogleOSV:CVE-2020-13694HistoryJun 01, 2020 - 4:15 p.m.
CVE-2020-13694
2020-06-0116:15:14
Google
osv.dev
8
In QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8, the local www-data user can execute sudo mysql without a password, which means that the www-data user can execute arbitrary OS commands via the mysql -e option.
Related
cve
cve
CVE-2020-13448
2020-06-01 16:15:14
CVE-2020-13694
2020-06-01 16:15:14
osv
osv
CVE-2020-13448
2020-06-01 16:15:14
CVE-2020-13695
2020-06-01 18:15:11
cvelist
cvelist
CVE-2020-13448
2020-06-01 15:19:42
CVE-2020-13694
2020-06-01 15:19:45
checkpoint_advisories
checkpoint_advisories
HTTP Suspicious Linux Etc Paths (CVE-2020-13448)
2020-05-14 00:00:00
QuickBox Remote Code Execution (CVE-2020-13448)
2020-06-21 00:00:00
packetstorm
packetstorm
QuickBox Pro 2.1.8 Remote Code Execution
2020-06-02 00:00:00
exploitdb
exploitdb
QuickBox Pro 2.1.8 - Authenticated Remote Code Execution
2020-06-01 00:00:00
zdt
zdt
QuickBox Pro 2.1.8 - Authenticated Remote Code Execution Exploit
2020-06-01 00:00:00
prion
prion
Command injection
2020-06-01 16:15:00
Design/Logic Flaw
2020-06-01 16:15:00
nvd
nvd
CVE-2020-13448
2020-06-01 16:15:14
CVE-2020-13694
2020-06-01 16:15:14
0daydb
0daydb
QuickBox Pro 2.1.8 CVE-2020-13448 - Remote Code Execution
2020-06-03 15:51:53
vBulletin 5.6.1 CVE-2020-12720 - SQL Injection
2020-06-03 15:53:27
VMware vCenter Server 6.7 CVE-2020-3952 - Authentication Bypass
2020-06-03 15:50:27