|
209451
|
9.8 |
CRITICAL
Network
|
ectouch
|
ectouch
|
SQL Injection Vulnerability in ECTouch v2 via the shop page in index.php..
|
CWE-89
SQL Injection
|
CVE-2020-21806
|
2024-11-21 14:12 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209452
|
4.8 |
MEDIUM
Network
|
s-cms
|
s-cms
|
A stored cross site scripting (XSS) vulnerability in /app/config/of S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
|
CWE-79
Cross-site Scripting
|
CVE-2020-20701
|
2024-11-21 14:12 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209453
|
4.8 |
MEDIUM
Network
|
s-cms
|
s-cms
|
A stored cross site scripting (XSS) vulnerability in /app/form_add/of S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Title Entry text …
|
CWE-79
Cross-site Scripting
|
CVE-2020-20700
|
2024-11-21 14:12 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209454
|
4.8 |
MEDIUM
Network
|
s-cms
|
s-cms
|
A cross site scripting (XSS) vulnerability in S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Copyright text box under Basic Settings.
|
CWE-79
Cross-site Scripting
|
CVE-2020-20699
|
2024-11-21 14:12 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209455
|
7.2 |
HIGH
Network
|
s-cms
|
s-cms
|
A remote code execution (RCE) vulnerability in /1.com.php of S-CMS PHP v3.0 allows attackers to getshell via modification of a PHP file.
|
CWE-862
Missing Authorization
|
CVE-2020-20698
|
2024-11-21 14:12 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209456
|
9.8 |
CRITICAL
Network
|
beckhoff
|
cx9020
|
Incorrect Access Control in Beckhoff Automation GmbH & Co. KG CX9020 with firmware version CX9020_CB3011_WEC7_HPS_v602_TC31_B4016.6 allows remote attackers to bypass authentication via the "CE Remote…
|
NVD-CWE-Other
|
CVE-2020-20741
|
2024-11-21 14:12 |
2021-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209457
|
9.8 |
CRITICAL
Network
|
motorola
|
cx2_firmware
|
An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary system commands.
|
CWE-78
OS Command
|
CVE-2020-21937
|
2024-11-21 14:12 |
2021-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209458
|
5.3 |
MEDIUM
Network
|
motorola
|
cx2_firmware
|
An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to access the components GetStationSettings, GetWebsiteFilterSettings and GetNetworkSetti…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-21936
|
2024-11-21 14:12 |
2021-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209459
|
9.8 |
CRITICAL
Network
|
motorola
|
cx2_firmware
|
A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary code.
|
CWE-78
OS Command
|
CVE-2020-21935
|
2024-11-21 14:12 |
2021-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209460
|
7.5 |
HIGH
Network
|
motorola
|
cx2_firmware
|
An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where authentication to download the Syslog could be bypassed.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-21934
|
2024-11-21 14:12 |
2021-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
