CVE Daily
← All years

All CVEs — 2020

Page 3/122.

Browse all CVEs by publication year. Use filters to refine.

CVSS ≥ 0.0
2020-12-28
Medium

CVE-2020-26031

An issue was discovered in Zammad before 3.4.1. The global-search feature leaks Knowledge Base drafts to Knowledge Base readers (who are authenticated but have insufficient permissions).

CVSS: 4.3 CWE: CWE-276
Read more
Critical

CVE-2020-26030

An issue was discovered in Zammad before 3.4.1. There is an authentication bypass in the SSO endpoint via a crafted header, when SSO is not configured. An attacker can create a valid and authenticate…

CVSS: 9.8 CWE: CWE-287
Read more
Medium

CVE-2020-26029

An issue was discovered in Zammad before 3.4.1. There are wrong authorization checks for impersonation requests via X-On-Behalf-Of. The authorization checks are performed for the actual user and not…

CVSS: 6.5 CWE: CWE-863
Read more
Medium

CVE-2020-26028

An issue was discovered in Zammad before 3.4.1. Admin Users without a ticket.* permission can access Tickets.

CVSS: 4.9 CWE: CWE-863
Read more
Medium

CVE-2020-29193

Panasonic Security System WV-S2231L 4.25 has an insecure hard-coded password of lkjhgfdsa (which is just the asdf keyboard row in reverse order).

CVSS: 6.8 CWE: CWE-798
Read more
Medium

CVE-2020-35738

WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" re…

CVSS: 6.1 CWE: CWE-190
Read more
2020-12-27
High

CVE-2020-35736

GateOne 1.1 allows arbitrary file download without authentication via /downloads/.. directory traversal because os.path.join is misused.

CVSS: 7.5 CWE: CWE-22
Read more
Medium

CVE-2020-29156

The WooCommerce plugin before 4.7.0 for WordPress allows remote attackers to view the status of arbitrary orders via the order_id parameter in a fetch_order_status action.

CVSS: 5.3 CWE: CWE-639
Read more
Medium

CVE-2020-29250

CXUUCMS V3 allows XSS via the first and third input fields to /public/admin.php.

CVSS: 6.1 CWE: CWE-79
Read more
Medium

CVE-2020-29249

CXUUCMS V3 allows class="layui-input" XSS.

CVSS: 6.1 CWE: CWE-79
Read more
High

CVE-2020-29299

Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. This affects VPN On-premise before ZLD V4.39 week38, VPN Orchestrator be…

CVSS: 7.2 CWE: CWE-77
Read more
Medium

CVE-2020-29204

XXL-JOB 2.2.0 allows Stored XSS (in Add User) to bypass the 20-character limit via xxl-job-admin/src/main/java/com/xxl/job/admin/controller/UserController.java.

CVSS: 6.1 CWE: CWE-79
Read more
Critical

CVE-2020-35729

KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.

CVSS: 9.8 CWE: CWE-78
Read more
High

CVE-2020-35728

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka e…

CVSS: 8.1 CWE: CWE-502
Read more
Low

CVE-2020-35448

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c beca…

CVSS: 3.3 CWE: CWE-125
Read more
High

CVE-2020-8290

Backblaze for Windows and Backblaze for macOS before 7.0.0.439 suffer from improper privilege management in `bztransmit` helper due to lack of permission handling and validation before creation of cl…

CVSS: 7.8 CWE: CWE-269
Read more
High

CVE-2020-8289

Backblaze for Windows before 7.0.1.433 and Backblaze for macOS before 7.0.1.434 suffer from improper certificate validation in `bztransmit` helper due to hardcoded whitelist of strings in URLs where…

CVSS: 7.8 CWE: CWE-295
Read more
High

CVE-2020-7845

Spamsniper 5.0 ~ 5.2.7 contain a stack-based buffer overflow vulnerability caused by improper boundary checks when parsing MAIL FROM command. It leads remote attacker to execute arbitrary code via cr…

CVSS: 8.1 CWE: CWE-121
Read more
Medium

CVE-2020-35678

Autobahn|Python before 20.12.3 allows redirect header injection.

CVSS: 6.1 CWE: CWE-601
Read more
2020-12-26
Critical

CVE-2020-35245

Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::addUser.

CVSS: 9.8 CWE: CWE-89
Read more
Critical

CVE-2020-35244

Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::addGroup.

CVSS: 9.8 CWE: CWE-89
Read more
Critical

CVE-2020-35243

Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::updateUserInfoInDb.

CVSS: 9.8 CWE: CWE-89
Read more
Critical

CVE-2020-35242

Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::updateUserTeamInfoInDbAndMemory.

CVSS: 9.8 CWE: CWE-89
Read more
Critical

CVE-2020-29203

struct2json before 2020-11-18 is affected by a Buffer Overflow because strcpy is used for S2J_STRUCT_GET_string_ELEMENT.

CVSS: 9.8 CWE: CWE-120
Read more
Medium

CVE-2020-28759

The serializer module in OAID Tengine lite-v1.0 has a Buffer Overflow and crash. NOTE: another person has stated "I don't think there is an proof of overflow so far.

CVSS: 5.5 CWE: CWE-120
Read more
High

CVE-2020-35362

DEXT5Upload 2.7.1262310 and earlier is affected by Directory Traversal in handler/dext5handler.jsp. This could allow remote files to be downloaded via a dext5CMD=downloadRequest action with traversal…

CVSS: 7.5 CWE: CWE-22
Read more
High

CVE-2020-35284

Flamingo (aka FlamingoIM) through 2020-09-29 allows ../ directory traversal because the only ostensibly unpredictable part of a file-transfer request is an MD5 computation; however, this computation…

CVSS: 7.5 CWE: CWE-22
Read more
High

CVE-2020-35450

Gobby 0.4.11 allows a NULL pointer dereference in the D-Bus handler for certain set_language calls.

CVSS: 7.5 CWE: CWE-476
Read more
High

CVE-2020-35359

Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate server use by making enough connections to exceed the connection limit.

CVSS: 7.5 CWE: CWE-770
Read more
Medium

CVE-2020-35437

Subrion CMS 4.2.1 is affected by: Cross Site Scripting (XSS) through the avatar[path] parameter in a POST request to the /_core/profile/ URI.

CVSS: 6.1 CWE: CWE-79
Read more
High

CVE-2020-35376

Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp() function.

CVSS: 7.5 CWE: CWE-787
Read more
Medium

CVE-2020-35349

Savsoft Quiz 5 is affected by: Cross Site Scripting (XSS) via field_title (aka a title on the custom fields page).

CVSS: 4.8 CWE: CWE-79
Read more
Medium

CVE-2020-35347

CXUUCMS V3 3.1 has a CSRF vulnerability that can add an administrator account via admin.php?c=adminuser&a=add.

CVSS: 6.5 CWE: CWE-352
Read more
Medium

CVE-2020-35346

CXUUCMS V3 3.1 is affected by a reflected XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the imgurl parameter of admin.php?c=content&a=add.

CVSS: 4.8 CWE: CWE-79
Read more
Medium

CVE-2020-20412

lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file. NOTE: this may overlap CVE-2018-5146.

CVSS: 6.5 CWE: CWE-129
Read more
Medium

CVE-2020-29385

GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes. if c->self_code equals 10, self->code_table[10].extends will assign t…

CVSS: 5.5 CWE: CWE-835
Read more
Medium

CVE-2020-29172

A cross-site scripting (XSS) vulnerability in the LiteSpeed Cache plugin before 3.6.1 for WordPress can be exploited via the Server IP setting.

CVSS: 6.1 CWE: CWE-79
Read more
Medium

CVE-2020-27515

A Cross Site Scripting (XSS) vulnerability in Savsoft Quiz v5.0 allows remote attackers to inject arbitrary web script or HTML via the Skype ID field.

CVSS: 6.1 CWE: CWE-79
Read more
High

CVE-2020-26766

A Cross Site Request Forgery (CSRF) vulnerability exists in the loginsystem page in PHPGurukul User Registration & Login and User Management System With Admin Panel 2.1.

CVSS: 8.8 CWE: CWE-352
Read more
High

CVE-2020-25917

Stratodesk NoTouch Center before 4.4.68 is affected by: Incorrect Access Control. A low privileged user on the platform, for example a user with "helpdesk" privileges, can perform privileged operatio…

CVSS: 8.8 CWE: CWE-669
Read more
High

CVE-2020-35715

Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote authenticated users to execute arbitrary commands via shell metacharacters in a filename to the upload_settings.cgi page.

CVSS: 8.8 CWE: CWE-78
Read more
High

CVE-2020-35714

Belkin LINKSYS RE6500 devices before 1.0.11.001 allow remote authenticated users to execute arbitrary commands via goform/systemCommand?command= in conjunction with the goform/pingstart program.

CVSS: 8.8 CWE: CWE-78
Read more
Critical

CVE-2020-35713

Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page.

CVSS: 9.8 CWE: CWE-78
Read more
Critical

CVE-2020-35712

Esri ArcGIS Server before 10.8 is vulnerable to SSRF in some configurations.

CVSS: 9.8 CWE: CWE-918
Read more
2020-12-25
Medium

CVE-2020-35710

Parallels Remote Application Server (RAS) 18 allows remote attackers to discover an intranet IP address because submission of the login form (even with blank credentials) provides this address to the…

CVSS: 5.3 CWE: CWE-200
Read more
Medium

CVE-2020-35709

bloofoxCMS 0.5.2.1 allows admins to upload arbitrary .php files (with "Content-Type: application/octet-stream") to ../media/images/ via the admin/index.php?mode=tools&page=upload URI, aka directory t…

CVSS: 4.9 CWE: CWE-22
Read more
High

CVE-2020-35708

phpList 3.5.9 allows SQL injection by admins who provide a crafted fourth line of a file to the "Config - Import Administrators" page.

CVSS: 7.2 CWE: CWE-89
Read more
Medium

CVE-2020-35707

Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the New Client screen.

CVSS: 5.4 CWE: CWE-79
Read more
Medium

CVE-2020-35706

Daybyday 2.1.0 allows stored XSS via the Title parameter to the New Project screen.

CVSS: 5.4 CWE: CWE-79
Read more
Medium

CVE-2020-35705

Daybyday 2.1.0 allows stored XSS via the Name parameter to the New User screen.

CVSS: 5.4 CWE: CWE-79
Read more
Medium

CVE-2020-35704

Daybyday 2.1.0 allows stored XSS via the Title parameter to the New Lead screen.

CVSS: 5.4 CWE: CWE-79
Read more
High

CVE-2020-35702

DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. NOTE: later reports indicate that this only affects builds from Poppler git clones…

CVSS: 7.8 CWE: CWE-787
Read more
2020-12-24
Critical

CVE-2020-26282

BrowserUp Proxy allows you to manipulate HTTP requests and responses, capture HTTP content, and export performance data as a HAR file. BrowserUp Proxy works well as a standalone proxy server, but it…

CVSS: 10.0 CWE: CWE-74
Read more
Critical

CVE-2020-29474

EGavilan Media EGM Address Book 1.0 contains a SQL injection vulnerability. An attacker can gain Admin Panel access using malicious SQL injection queries to perform remote arbitrary code execution.

CVSS: 9.8 CWE: CWE-89
Read more
Critical

CVE-2020-29472

EGavilan Media Under Construction page with cPanel 1.0 contains a SQL injection vulnerability. An attacker can gain Admin Panel access using malicious SQL injection queries to perform remote arbitrar…

CVSS: 9.8 CWE: CWE-89
Read more
Medium

CVE-2020-29247

WonderCMS 3.1.3 is affected by cross-site scripting (XSS) in the Admin Panel. An attacker can inject the XSS payload in Page keywords and each time any user will visit the website, the XSS triggers,…

CVSS: 4.8 CWE: CWE-79
Read more
High

CVE-2020-11093

Hyperledger Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In Hyperledger Indy before version 1.12.4, there is lack of signature verification on a s…

CVSS: 7.5 CWE: CWE-347
Read more
High

CVE-2020-24658

Arm Compiler 5 through 5.06u6 has an error in a stack protection feature designed to help spot stack-based buffer overflows in local arrays. When this feature is enabled, a protected function writes…

CVSS: 7.8 CWE: CWE-770
Read more
Medium

CVE-2020-9202

There is an information disclosure vulnerability in TE Mobile software versions V600R006C10,V600R006C10SPC100. Due to the improper storage of some information in certain specific scenario, the attack…

CVSS: 4.4 CWE: CWE-922
Read more
Medium

CVE-2020-9201

There is an out-of-bounds read vulnerability in some versions of NIP6800, Secospace USG6600 and USG9500. The software reads data past the end of the intended buffer when parsing DHCP messages includi…

CVSS: 6.5 CWE: CWE-125
Read more
High

CVE-2020-9200

There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. An attacker with common privilege may exploit this vulnerability through some operations to inject the CSV files.…

CVSS: 7.8 CWE: CWE-1236
Read more
Medium

CVE-2020-9137

There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800. Due to insufficient input validation, a local attacker with…

CVSS: 6.7 CWE: CWE-20
Read more
High

CVE-2020-35680

smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurations, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted pattern of cl…

CVSS: 7.5 CWE: CWE-476
Read more
High

CVE-2020-35679

smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfree, which might allow attackers to trigger a "very significant" memory leak via messages to an instance that performs many regex lookups.

CVSS: 7.5 CWE: CWE-401
Read more
Medium

CVE-2020-35659

The DNS query log in Pi-hole before 5.2.2 is vulnerable to stored XSS. An attacker with the ability to directly or indirectly query DNS with a malicious hostname can cause arbitrary JavaScript to exe…

CVSS: 6.1 CWE: CWE-79
Read more
Medium

CVE-2020-27729

In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, an undisclosed link on the BIG-IP APM virtual server allows a malicious user to bui…

CVSS: 6.1 CWE: CWE-601
Read more
Medium

CVE-2020-27727

On BIG-IP version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.4, when an authenticated administrative user installs RPMs using the iAppsLX REST installer, the BIG-IP system doe…

CVSS: 4.9 CWE: CWE-20
Read more
Medium

CVE-2020-27726

In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.2, a reflected cross-site scripting (XSS) vulnerability exists in the resource information page for aut…

CVSS: 6.1 CWE: CWE-79
Read more
Medium

CVE-2020-27722

In BIG-IP APM versions 15.0.0-15.0.1.3, 14.1.0-14.1.3, and 13.1.0-13.1.3.4, under certain conditions, the VDI plugin does not observe plugin flow-control protocol causing excessive resource consumpti…

CVSS: 6.5 CWE: CWE-400
Read more
Medium

CVE-2020-27719

On BIG-IP 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.3, a cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility.

CVSS: 6.1 CWE: CWE-79
Read more
Critical

CVE-2020-28188

Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= 4.2.06 allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php in Event parameter.

CVSS: 9.8 CWE: CWE-78
Read more
Critical

CVE-2020-28187

Multiple directory traversal vulnerabilities in TerraMaster TOS <= 4.2.06 allow remote authenticated attackers to read, edit or delete any file within the filesystem via the (1) filename parameter to…

CVSS: 9.8 CWE: CWE-22
Read more
High

CVE-2020-28186

Email Injection in TerraMaster TOS <= 4.2.06 allows remote unauthenticated attackers to abuse the forget password functionality and achieve account takeover.

CVSS: 7.3 CWE: CWE-640
Read more
Medium

CVE-2020-28184

Cross-site scripting (XSS) vulnerability in TerraMaster TOS <= 4.2.06 allows remote authenticated users to inject arbitrary web script or HTML via the mod parameter to /module/index.php.

CVSS: 5.4 CWE: CWE-79
Read more
High

CVE-2020-28169

The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges because the bin directory is writable by a user account, but a file in bin is executed as NT AUTHORITY\SY…

CVSS: 7.0 CWE: CWE-732
Read more
Medium

CVE-2020-27725

In version 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 of BIG-IP DNS, GTM, and Link Controller, zxfrd leaks memory when listing DNS zones. Zones can be liste…

CVSS: 4.3 CWE: CWE-401
Read more
Medium

CVE-2020-27724

In BIG-IP APM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, on systems running more than one TMM instance, authenti…

CVSS: 6.5 CWE: CWE-400
Read more
Medium

CVE-2020-35677

BigProf Online Invoicing System before 4.0 fails to adequately sanitize fields for HTML characters upon an administrator using admin/pageEditGroup.php to create a new group, resulting in Stored XSS.…

CVSS: 4.8 CWE: CWE-79
Read more
Medium

CVE-2020-35676

BigProf Online Invoicing System before 3.1 fails to correctly sanitize an XSS payload when a user registers using the self-registration functionality. As such, an attacker can input a crafted payload…

CVSS: 6.1 CWE: CWE-79
Read more
Medium

CVE-2020-35669

An issue was discovered in the http package through 0.12.2 for Dart. If the attacker controls the HTTP method and the app is using Request directly, it's possible to achieve CRLF injection in an HTTP…

CVSS: 6.1 CWE: CWE-74
Read more
Medium

CVE-2020-5684

iSM client versions from V5.1 prior to V12.1 running on NEC Storage Manager or NEC Storage Manager Express does not verify a server certificate properly, which allows a man-in-the-middle attacker to…

CVSS: 4.8 CWE: CWE-295
Read more
High

CVE-2020-5681

Untrusted search path vulnerability in self-extracting files created by EpsonNet SetupManager versions 2.2.14 and earlier, and Offirio SynergyWare PrintDirector versions 1.6x/1.6y and earlier allows…

CVSS: 7.8 CWE: CWE-427
Read more
Low

CVE-2020-2505

If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.

CVSS: 2.3 CWE: CWE-209
Read more
Medium

CVE-2020-2504

If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.

CVSS: 5.8 CWE: CWE-20
Read more
Critical

CVE-2020-2503

If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and…

CVSS: 9.0 CWE: CWE-79
Read more
Medium

CVE-2020-2499

A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already…

CVSS: 6.3 CWE: CWE-259
Read more
2020-12-23
High

CVE-2020-35668

RedisGraph 2.x through 2.2.11 has a NULL Pointer Dereference that leads to a server crash because it mishandles an unquoted string, such as an alias that has not yet been introduced.

CVSS: 7.5 CWE: CWE-476
Read more
High

CVE-2020-35666

Steedos Platform through 1.21.24 allows NoSQL injection because the /api/collection/findone implementation in server/packages/steedos_base.js mishandles req.body validation, as demonstrated by MongoD…

CVSS: 8.8 CWE: CWE-89
Read more
Critical

CVE-2020-35665

An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation.

CVSS: 9.8 CWE: CWE-78
Read more
High

CVE-2020-35598

ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advanced_component_system/index.php?ACS_path=..%2f URI. NOTE: this might be the same as CVE-2009-4623

CVSS: 7.5 CWE: CWE-22
Read more
High

CVE-2020-35370

A RCE vulnerability exists in Raysync below 3.3.3.8. An unauthenticated unauthorized attacker sending a specifically crafted request to override the specific file in server with malicious content can…

CVSS: 8.8 CWE: CWE-22
Read more
High

CVE-2020-35269

Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross-Site Request Forgery (CSRF) in many functions, like adding – deleting for hosts or servers.

CVSS: 8.8 CWE: CWE-352
Read more
Medium

CVE-2020-35252

Cross Site Scripting (XSS) vulnerability via the 'Full Name' parameter in the User Registration section of User Registration & Login System with Admin Panel 1.0.

CVSS: 6.1 CWE: CWE-79
Read more
Critical

CVE-2020-28074

SourceCodester Online Health Care System 1.0 is affected by SQL Injection which allows a potential attacker to bypass the authentication system and become an admin.

CVSS: 9.8 CWE: CWE-89
Read more
Critical

CVE-2020-28073

SourceCodester Library Management System 1.0 is affected by SQL Injection allowing an attacker to bypass the user authentication and impersonate any user on the system.

CVSS: 9.8 CWE: CWE-89
Read more
Medium

CVE-2020-28071

SourceCodester Alumni Management System 1.0 is affected by cross-site Scripting (XSS) in /admin/gallery.php. After the admin authentication an attacker can upload an image in the gallery using a XSS…

CVSS: 4.8 CWE: CWE-79
Read more
Critical

CVE-2020-28070

SourceCodester Alumni Management System 1.0 is affected by SQL injection causing arbitrary remote code execution from GET input in view_event.php via the 'id' parameter.

CVSS: 9.8 CWE: CWE-89
Read more
High

CVE-2020-27397

Marital - Online Matrimonial Project In PHP version 1.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) on the Hosting web server…

CVSS: 8.8 CWE: CWE-434
Read more
Medium

CVE-2020-13969

CRK Business Platform <= 2019.1 allows reflected XSS via erro.aspx on 'CRK', 'IDContratante', 'Erro', or 'Mod' parameter. This is path-independent.

CVSS: 6.1 CWE: CWE-79
Read more
Critical

CVE-2020-13968

CRK Business Platform <= 2019.1 allows can inject SQL statements against the DB on any path using the 'strSessao' parameter.

CVSS: 9.8 CWE: CWE-89
Read more
High

CVE-2020-11719

An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. It relies on broken encryption with a weak and guessable static encryption key.

CVSS: 7.5 CWE: CWE-798
Read more
High

CVE-2018-1000893

Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when deserializing transactions.

CVSS: 7.5 CWE: CWE-400
Read more
High

CVE-2018-1000892

Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when receiving sendheaders messages.

CVSS: 7.5 CWE: CWE-400
Read more
High

CVE-2018-1000891

Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when receiving messages with invalid checksums.

CVSS: 7.5 CWE: CWE-400
Read more
Medium

CVE-2020-9439

Multiple cross-site scripting (XSS) vulnerabilities in Uncanny Owl Tin Canny LearnDash Reporting before 3.4.4 allows authenticated remote attackers to inject arbitrary web script or HTML via the sear…

CVSS: 6.1 CWE: CWE-79
Read more
Medium

CVE-2020-6159

URLs using “javascript:” have the protocol removed when pasted into the address bar to protect users from cross-site scripting (XSS) attacks, but in certain circumstances this removal was not perform…

CVSS: 6.1 CWE: CWE-79
Read more
Medium

CVE-2020-35650

Multiple cross-site scripting (XSS) vulnerabilities in Uncanny Groups for LearnDash before v3.7 allow authenticated remote attackers to inject arbitrary JavaScript or HTML via the ulgm_code_redeem PO…

CVSS: 6.1 CWE: CWE-79
Read more
High

CVE-2020-35587

In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled. The decompiled/disassembled files contain non-obfuscated code. NOTE: it is unclear whether lack of obfuscation is dir…

CVSS: 7.5 CWE: CWE-311
Read more
Critical

CVE-2020-29552

An issue was discovered in URVE Build 24.03.2020. By using the _internal/pc/vpro.php?mac=0&ip=0&operation=0&usr=0&pass=0%3bpowershell+-c+" substring, it is possible to execute a Powershell command an…

CVSS: 9.8 CWE: CWE-78
Read more
Critical

CVE-2020-29551

An issue was discovered in URVE Build 24.03.2020. Using the _internal/pc/shutdown.php path, it is possible to shutdown the system. Among others, the following files and scripts are also accessible: _…

CVSS: 9.1 CWE: CWE-306
Read more
High

CVE-2020-29550

An issue was discovered in URVE Build 24.03.2020. The password of an integration user account (used for the connection of the MS Office 365 Integration Service) is stored in cleartext in configuratio…

CVSS: 7.5 CWE: CWE-312
Read more
Critical

CVE-2020-11720

An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. During the installation, it sets up administrative access by default with the account admin and passwor…

CVSS: 9.8 CWE: CWE-798
Read more
High

CVE-2020-11718

An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below. Its software-update packages are downloaded via cleartext HTTP.

CVSS: 7.4 CWE: CWE-319
Read more
High

CVE-2020-35586

In Solstice Pod before 3.3.0 (or Open4.3), the Administrator password can be enumerated using brute-force attacks via the /Config/service/initModel?password= Solstice Open Control API because there i…

CVSS: 7.5 CWE: CWE-307
Read more
High

CVE-2020-35585

In Solstice Pod before 3.3.0 (or Open4.3), the screen key can be enumerated using brute-force attacks via the /lookin/info Solstice Open Control API because there are only 1.7 million possibilities.

CVSS: 7.5 CWE: CWE-307
Read more
Medium

CVE-2020-35584

In Solstice Pod before 3.0.3, the web services allow users to connect to them over unencrypted channels via the Browser Look-in feature. An attacker suitably positioned to view a legitimate user's ne…

CVSS: 5.9 CWE: CWE-319
Read more
High

CVE-2020-35136

Dolibarr 12.0.3 is vulnerable to authenticated Remote Code Execution. An attacker who has the access the admin dashboard can manipulate the backup function by inserting a payload into the filename fo…

CVSS: 7.2 CWE: CWE-88
Read more
High

CVE-2020-25198

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has incorrectly implemented protections from session fixation, which may allow an attacker to gain access to a sessio…

CVSS: 8.8 CWE: CWE-384
Read more
Critical

CVE-2020-25196

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows SSH/Telnet sessions, which may be vulnerable to brute force attacks to bypass authentication.

CVSS: 9.8 CWE: CWE-307
Read more
High

CVE-2020-25194

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has improper privilege management, which may allow an attacker with user privileges to perform requests with administ…

CVSS: 8.8 CWE: CWE-269
Read more