|
201021
|
8.8 |
HIGH
Network
|
e-plugins
|
wp_membership
fitness_trainer
hotel_directory
hospital_\&_doctor_directory
lawyer_directory
institutions_directory
real_estate_pro
final_user
directory_pro
photographer…
|
The directory-pro WordPress plugin before 1.9.5, final-user-wp-frontend-user-profiles WordPress plugin before 1.2.2, producer-retailer WordPress plugin through TODO, photographer-directory WordPress …
|
NVD-CWE-noinfo
|
CVE-2020-36666
|
2024-11-21 14:30 |
2023-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201022
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference.
|
CWE-674
Uncontrolled Recursion
|
CVE-2020-36691
|
2024-11-21 14:30 |
2023-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201023
|
6.1 |
MEDIUM
Network
|
seotool_project
|
seotool
|
A vulnerability was found in Artesãos SEOTools up to 0.17.1 and classified as critical. This issue affects the function eachValue of the file TwitterCards.php. The manipulation of the argument value …
|
CWE-601
Open Redirect
|
CVE-2020-36665
|
2024-11-21 14:30 |
2023-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201024
|
6.1 |
MEDIUM
Network
|
seotool_project
|
seotool
|
A vulnerability has been found in Artesãos SEOTools up to 0.17.1 and classified as problematic. This vulnerability affects the function setTitle of the file SEOMeta.php. The manipulation of the argum…
|
-
|
CVE-2020-36664
|
2024-11-21 14:30 |
2023-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201025
|
6.1 |
MEDIUM
Network
|
seotool_project
|
seotool
|
A vulnerability, which was classified as problematic, was found in Artesãos SEOTools up to 0.17.1. This affects the function makeTag of the file OpenGraph.php. The manipulation of the argument value …
|
CWE-601
Open Redirect
|
CVE-2020-36663
|
2024-11-21 14:30 |
2023-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201026
|
7.1 |
HIGH
Local
|
hitachi
|
automation_director
infrastructure_analytics_advisor
ops_center_analyzer
ops_center_automator
ops_center_viewpoint
|
Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe serve…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-36652
|
2024-11-21 14:30 |
2023-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201027
|
5.4 |
MEDIUM
Network
|
brainstormforce
|
spectra
|
The Spectra WordPress plugin before 1.15.0 does not sanitize user input as it reaches its style HTML attribute, allowing contributors to conduct stored XSS attacks via the plugin's Gutenberg blocks.
|
CWE-79
Cross-site Scripting
|
CVE-2020-36656
|
2024-11-21 14:30 |
2023-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201028
|
7.5 |
HIGH
Network
|
konghq
|
multipart
|
A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function is_header of the file src/multipart.lua. The manipulation leads t…
|
-
|
CVE-2020-36661
|
2024-11-21 14:30 |
2023-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201029
|
8.1 |
HIGH
Network
|
lemonldap-ng
debian
|
apache\
debian_linux
|
In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS m…
|
CWE-295
Improper Certificate Validation
|
CVE-2020-36659
|
2024-11-21 14:30 |
2023-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201030
|
8.1 |
HIGH
Network
|
lemonldap-ng
debian
|
apache\
debian_linux
|
In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module fo…
|
CWE-295
Improper Certificate Validation
|
CVE-2020-36658
|
2024-11-21 14:30 |
2023-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
