Midgetspy Sickbeard vulnerabilities
2 known vulnerabilities affecting midgetspy/sickbeard.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2020-37027P2CRITICALCVSS 9.8v0.12026-01-30
CVE-2020-37027 [CRITICAL] CWE-78 CVE-2020-37027: Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attack
Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands through the extra scripts configuration. Attackers can set malicious commands in the extra scripts field and trigger processing to execute remote code on the vulnerable Sickbeard installation.
nvd
CVE-2020-37026P4MEDIUMCVSS 5.3v0.12026-01-30
CVE-2020-37026 [MEDIUM] CWE-352 CVE-2020-37026: Sickbeard alpha contains a cross-site request forgery vulnerability that allows attackers to disable
Sickbeard alpha contains a cross-site request forgery vulnerability that allows attackers to disable authentication by submitting crafted configuration parameters. Attackers can trick users into submitting a malicious form that clears web username and password, effectively removing authentication protection.
nvd