Simiki Project Simiki vulnerabilities
2 known vulnerabilities affecting simiki_project/simiki.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2020-19001P2CRITICALCVSS 9.8v1.6.2.12021-08-27
CVE-2020-19001 [CRITICAL] CWE-77 CVE-2020-19001: Command Injection in Simiki v1.6.2.1 and prior allows remote attackers to execute arbitrary system c
Command Injection in Simiki v1.6.2.1 and prior allows remote attackers to execute arbitrary system commands via line 64 of the component 'simiki/blob/master/simiki/config.py'.
ghsanvdosv
CVE-2020-19000P4MEDIUMCVSS 6.1v1.6.2.12021-08-27
CVE-2020-19000 [MEDIUM] CWE-79 CVE-2020-19000: Cross Site Scripting (XSS) in Simiki v1.6.2.1 and prior allows remote attackers to execute arbitrary
Cross Site Scripting (XSS) in Simiki v1.6.2.1 and prior allows remote attackers to execute arbitrary code via line 54 of the component 'simiki/blob/master/simiki/generators.py'.
ghsanvdosv