Security Vulnerabilities - CVEs Published In February 2020
Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.33, 8.x before 8.0.0.23, 9.0 before 9.0.0.19, and 9.1 before 9.1.0.9 does not properly require authentication, which allows remote attackers to bypass authentication and (1) add an administrative account via a crafted request to LocalAuth/setAccount.aspx or (2) write to and execute arbitrary files via a full pathname in the PathData parameter to ConfigTab/uploader.aspx.
CVSS Score: 9.8
EPSS Score: 0.767
Published: 2020-02-17
The wpCentral plugin before 1.5.1 for WordPress allows disclosure of the connection key.
CVSS Score: 8.8
EPSS Score: 0.307
Published: 2020-02-17
An insecure modification vulnerability in the /etc/passwd file was found in all versions of OpenShift ServiceMesh (maistra) before 1.0.8 in the openshift/istio-kialia-rhel7-operator-container. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
CVSS Score: 7.0
EPSS Score: 0.001
Published: 2020-02-17
SolarWinds Network Performance Monitor (Orion Platform 2018, NPM 12.3, NetPath 1.1.3) allows XSS by authenticated users via a crafted onerror attribute of a VIDEO element in an action for an ALERT.
CVSS Score: 5.4
EPSS Score: 0.029
Published: 2020-02-17
A Denial of Service (infinite loop) exists in OpenSIPS before 1.10 in lookup.c.
CVSS Score: 7.5
EPSS Score: 0.003
Published: 2020-02-17
Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same course.
CVSS Score: 8.1
EPSS Score: 0.002
Published: 2020-02-17
Utilities.php in the miniorange-saml-20-single-sign-on plugin before 4.8.84 for WordPress allows XSS via a crafted SAML XML Response to wp-login.php. This is related to the SAMLResponse and RelayState variables, and the Destination parameter of the samlp:Response XML element.
CVSS Score: 6.1
EPSS Score: 0.004
Published: 2020-02-17
Joplin through 1.0.184 allows Arbitrary File Read via XSS.
CVSS Score: 5.4
EPSS Score: 0.014
Published: 2020-02-17
A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request strings in CGI scripts, which could let a remote malicious user execute arbitrary code.
CVSS Score: 9.8
EPSS Score: 0.029
Published: 2020-02-17
The Popup Builder plugin 2.2.8 through 2.6.7.6 for WordPress is vulnerable to SQL injection (in the sgImportPopups function in sg_popup_ajax.php) via PHP Deserialization on attacker-controlled data with the attachmentUrl POST variable. This allows creation of an arbitrary WordPress Administrator account, leading to possible Remote Code Execution because Administrators can run PHP code on WordPress instances. (This issue has been fixed in the 3.x branch of popup-builder.)
CVSS Score: 9.8
EPSS Score: 0.413
Published: 2020-02-17

