|
209451
|
9.1 |
CRITICAL
Network
|
modx
|
modx_revolution
|
A XML External Entity (XXE) vulnerability was discovered in the modRestServiceRequest component in MODX CMS 2.7.3 which can lead to an information disclosure or denial of service (DOS).
|
CWE-611
XXE
|
CVE-2020-25911
|
2024-11-21 14:18 |
2021-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209452
|
5.5 |
MEDIUM
Local
|
ranko
|
rkcms
|
A vulnerability was discovered in the filename parameter in pathindex.php?r=cms-backend/attachment/delete&sub=&filename=../../../../111.txt&filetype=image/jpeg of the master version of RKCMS. This vu…
|
CWE-22
Path Traversal
|
CVE-2020-25881
|
2024-11-21 14:18 |
2021-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209453
|
6.5 |
MEDIUM
Network
|
baijiacms_project
|
baijiacms
|
A directory traversal vulnerability in the component system/manager/class/web/database.php was discovered in Baijiacms V4 which allows attackers to arbitrarily delete folders on the server via the "i…
|
CWE-22
Path Traversal
|
CVE-2020-25873
|
2024-11-21 14:18 |
2021-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209454
|
4.9 |
MEDIUM
Network
|
frogcms_project
|
frogcms
|
A vulnerability exists within the FileManagerController.php function in FrogCMS 0.9.5 which allows an attacker to perform a directory traversal attack via a GET request urlencode parameter.
|
CWE-22
Path Traversal
|
CVE-2020-25872
|
2024-11-21 14:18 |
2021-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209455
|
7.5 |
HIGH
Network
|
hcc-embedded
|
nichestack_ipv4
|
An issue was discovered in HCC Embedded NicheStack IPv4 4.1. The dnc_copy_in routine for parsing DNS domain names does not check whether a domain name compression pointer is pointing within the bound…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-25767
|
2024-11-21 14:18 |
2021-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209456
|
9.8 |
CRITICAL
Network
|
sapphireims
|
sapphireims
|
In SapphireIMS 5.0, it is possible to take over an account by sending a request to the Save_Password form as shown in POC. Notice that we do not require a JSESSIONID in this request and can reset any…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-25566
|
2024-11-21 14:18 |
2021-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209457
|
9.8 |
CRITICAL
Network
|
sapphireims
|
sapphireims
|
In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. Once the access is available, the attacker can inject …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-25565
|
2024-11-21 14:18 |
2021-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209458
|
8.8 |
HIGH
Network
|
sapphireims
|
sapphireims
|
In SapphireIMS 5.0, it is possible to create local administrator on any client with credentials of a non-privileged user by directly accessing RemoteMgmtTaskSave (Automation Tasks) feature.
|
CWE-863
Incorrect Authorization
|
CVE-2020-25564
|
2024-11-21 14:18 |
2021-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209459
|
9.8 |
CRITICAL
Network
|
sapphireims
|
sapphireims
|
In SapphireIMS 5.0, it is possible to create local administrator on any client without requiring any credentials by directly accessing RemoteMgmtTaskSave (Automation Tasks) feature and not having a J…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-25563
|
2024-11-21 14:18 |
2021-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209460
|
6.5 |
MEDIUM
Network
|
sapphireims
|
sapphireims
|
In SapphireIMS 5.0, there is no CSRF token present in the entire application. This can lead to CSRF vulnerabilities in critical application forms like account resent.
|
CWE-352
Origin Validation Error
|
CVE-2020-25562
|
2024-11-21 14:18 |
2021-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
