|
202601
|
6.1 |
MEDIUM
Network
|
tipsandtricks-hq
|
simple_download_monitor
|
Cross-site scripting vulnerability in Simple Download Monitor 3.8.8 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2020-5650
|
2024-11-21 14:34 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202602
|
7.2 |
HIGH
Network
|
nagios
|
nagios_xi
|
Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, authenticated admin user to write to arbitrary files and ultimately execute code with the privileges of…
|
CWE-88
Argument Injection
|
CVE-2020-5792
|
2024-11-21 14:34 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202603
|
7.2 |
HIGH
Network
|
nagios
|
nagios_xi
|
Improper neutralization of special elements used in an OS command in Nagios XI 5.7.3 allows a remote, authenticated admin user to execute operating system commands with the privileges of the apache u…
|
CWE-78
OS Command
|
CVE-2020-5791
|
2024-11-21 14:34 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202604
|
6.5 |
MEDIUM
Network
|
nagios
|
nagios_xi
|
Cross-site request forgery in Nagios XI 5.7.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link.
|
CWE-352
Origin Validation Error
|
CVE-2020-5790
|
2024-11-21 14:34 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202605
|
9.8 |
CRITICAL
Network
|
onethird
|
onethird
|
Local file inclusion vulnerability in OneThird CMS v1.96c and earlier allows a remote unauthenticated attacker to execute arbitrary code or obtain sensitive information via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2020-5640
|
2024-11-21 14:34 |
2020-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202606
|
8.8 |
HIGH
Network
|
onwebchat
|
live_chat_-_live_support
|
Cross-site request forgery (CSRF) vulnerability in Live Chat - Live support version 3.1.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2020-5642
|
2024-11-21 14:34 |
2020-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202607
|
6.5 |
MEDIUM
Network
|
dell
|
emc_openmanage_integration_for_microsoft_system_center
|
Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain an information disclosure vulnerability. Authenticated low privileged OMIMSCC …
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-5389
|
2024-11-21 14:34 |
2020-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202608
|
8.8 |
HIGH
Adjacent
|
elecom
|
wrc-2533gst2_firmware
wrc-1900gst2_firmware
wrc-1750gst2_firmware
wrc-1167gst2_firmware
|
ELECOM LAN routers (WRC-2533GST2 firmware versions prior to v1.14, WRC-1900GST2 firmware versions prior to v1.14, WRC-1750GST2 firmware versions prior to v1.14, and WRC-1167GST2 firmware versions pri…
|
NVD-CWE-noinfo
|
CVE-2020-5634
|
2024-11-21 14:34 |
2020-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202609
|
7.8 |
HIGH
Local
|
nec
|
infocage_siteshell
|
InfoCage SiteShell series (Host type SiteShell for IIS V1.4, V1.5, and V1.6, Host type SiteShell for IIS prior to revision V2.0.0.6, V2.1.0.7, V2.1.1.6, V3.0.0.11, V4.0.0.6, V4.1.0.5, and V4.2.0.1, H…
|
NVD-CWE-noinfo
|
CVE-2020-5632
|
2024-11-21 14:34 |
2020-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202610
|
6.1 |
MEDIUM
Network
|
cmonos
|
cmonos
|
Stored cross-site scripting vulnerability in CMONOS.JP ver2.0.20191009 and earlier allows remote attackers to inject arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2020-5631
|
2024-11-21 14:34 |
2020-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
