|
198791
|
9.1 |
CRITICAL
Network
|
hancom
|
anysign4pc
|
Using the parameter of getPFXFolderList function, attackers can see the information of authorization certification and delete the files. It occurs because the parameter contains path traversal charac…
|
CWE-22
Path Traversal
|
CVE-2020-7882
|
2024-11-21 14:37 |
2021-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198792
|
8.8 |
HIGH
Network
|
dext5
|
dext5upload
|
DEXT5 Upload 5.0.0.117 and earlier versions contain a vulnerability, which could allow remote attacker to download and execute remote file by setting the argument, variable in the activeX module. Thi…
|
CWE-494
Download of Code Without Integrity Check
|
CVE-2020-7875
|
2024-11-21 14:37 |
2021-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198793
|
7.8 |
HIGH
Local
|
helpu
|
helpuviewer
|
An improper input validation vulnerability in Helpu solution could allow a local attacker to arbitrary file creation and execution without click file transfer menu. It is possible to file in arbitrar…
|
CWE-20
Improper Input Validation
|
CVE-2020-7867
|
2024-11-21 14:37 |
2021-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198794
|
8.8 |
HIGH
Network
|
tobesoft
|
nexacro
|
Download of code without integrity check vulnerability in NEXACRO14 Runtime ActiveX control of tobesoft Co., Ltd allows the attacker to cause an arbitrary file download and execution. This vulnerabil…
|
CWE-494
Download of Code Without Integrity Check
|
CVE-2020-7874
|
2024-11-21 14:37 |
2021-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198795
|
9.8 |
CRITICAL
Network
|
ksystem
|
k-system_wellcomm
|
Download of code without integrity check vulnerability in ActiveX control of Younglimwon Co., Ltd allows the attacker to cause a arbitrary file download and execution.
|
CWE-494
Download of Code Without Integrity Check
|
CVE-2020-7873
|
2024-11-21 14:37 |
2021-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198796
|
9.8 |
CRITICAL
Network
|
inoguard
|
execm_coreb2b
|
A vulnerability(improper input validation) in the ExECM CoreB2B solution allows an unauthenticated attacker to download and execute an arbitrary file via httpDownload function. A successful exploit c…
|
CWE-20
Improper Input Validation
|
CVE-2020-7865
|
2024-11-21 14:37 |
2021-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198797
|
9.8 |
CRITICAL
Network
|
dext5
|
dext5
|
A vulnerability (improper input validation) in the DEXT5 Upload solution allows an unauthenticated attacker to download and execute an arbitrary file via AddUploadFile, SetSelectItem, DoOpenFile func…
|
CWE-20
Improper Input Validation
|
CVE-2020-7832
|
2024-11-21 14:37 |
2021-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198798
|
7.5 |
HIGH
Network
|
ntracker
|
ntracker_usb_enterprise
|
A SQL-Injection vulnerability in the nTracker USB Enterprise(secure USB management solution) allows a remote unauthenticated attacker to perform SQL query to access username password and other sessio…
|
CWE-89
SQL Injection
|
CVE-2020-7819
|
2024-11-21 14:37 |
2021-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198799
|
8.8 |
HIGH
Network
|
mastersoft
|
zook_agent
zook_viewer
|
A buffer overflow issue was discovered in ZOOK solution(remote administration tool) through processing 'ConnectMe' command while parsing a crafted OUTERIP value because of missing boundary check. Thi…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-7877
|
2024-11-21 14:37 |
2021-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198800
|
8.8 |
HIGH
Network
|
raonwiz
|
raon_k_upload
|
A vulnerability in File Transfer Solution of Raonwiz could allow arbitrary command execution as the result of viewing a specially-crafted web page. This vulnerability is due to insufficient validatio…
|
CWE-20
Improper Input Validation
|
CVE-2020-7863
|
2024-11-21 14:37 |
2021-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
