|
197761
|
6.5 |
MEDIUM
Network
|
freedesktop
|
poppler
|
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-36023
|
2024-11-21 14:28 |
2023-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197762
|
8.8 |
HIGH
Network
|
flycms_project
|
flycms
|
Cross Site Request Forgery (CSRF) vulnerability in FlyCms 1.0 allows attackers to add arbitrary administrator accounts via system/admin/admin_save.
|
CWE-352
Origin Validation Error
|
CVE-2020-36065
|
2024-11-21 14:28 |
2023-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197763
|
9.8 |
CRITICAL
Network
|
thecontrolgroup
|
voyager
|
Insecure Permission vulnerability found in Yoyager v.1.4 and before allows a remote attacker to execute arbitrary code via a crafted .php file to the media component.
|
CWE-281
Improper Preservation of Permissions
|
CVE-2020-36070
|
2024-11-21 14:28 |
2023-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197764
|
8.8 |
HIGH
Network
|
tailor_mangement_system_project
|
tailor_mangement_system
|
SQL injection vulnerability found in Tailor Mangement System v.1 allows a remote attacker to execute arbitrary code via the customer parameter of the orderadd.php file
|
CWE-89
SQL Injection
|
CVE-2020-36077
|
2024-11-21 14:28 |
2023-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197765
|
8.8 |
HIGH
Network
|
tailor_mangement_system_project
|
tailor_mangement_system
|
SQL injection vulnerability found in Tailor Mangement System v.1 allows a remote attacker to execute arbitrary code via the title parameter.
|
CWE-89
SQL Injection
|
CVE-2020-36074
|
2024-11-21 14:28 |
2023-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197766
|
8.8 |
HIGH
Network
|
tailor_management_system_project
|
tailor_management_system
|
SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the detail parameter of the document.php page.
|
CWE-89
SQL Injection
|
CVE-2020-36073
|
2024-11-21 14:28 |
2023-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197767
|
8.8 |
HIGH
Network
|
tailor_management_system_project
|
tailor_management_system
|
SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2020-36072
|
2024-11-21 14:28 |
2023-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197768
|
8.8 |
HIGH
Network
|
tailor_management_system_project
|
tailor_management_system
|
SQL injection vulnerability found in Tailor Management System v.1 allows a remote authenticated attacker to execute arbitrary code via the customer parameter of the email.php page.
|
CWE-89
SQL Injection
|
CVE-2020-36071
|
2024-11-21 14:28 |
2023-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197769
|
6.5 |
MEDIUM
Network
|
fiserv
|
prologue
|
Fiserv Prologue through 2020-12-16 does not properly protect the database password. If an attacker were to gain access to the configuration file (specifically, the LogPassword attribute within appcon…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-35992
|
2024-11-21 14:28 |
2022-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197770
|
9.8 |
CRITICAL
Network
|
phpgurukul
|
dairy_farm_shop_management_system
|
Dairy Farm Shop Management System v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-36062
|
2024-11-21 14:28 |
2022-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
