|
212611
|
8.8 |
HIGH
Network
|
hgiga
|
oaklouds_ccm\@il
|
HGiga C&Cmail CCMAILQ before olln-calendar-6.0-100.i386.rpm and CCMAILN before olln-calendar-5.0-100.i386.rpm contains a SQL Injection vulnerability which allows attackers to injecting SQL commands i…
|
CWE-89
SQL Injection
|
CVE-2020-10512
|
2024-11-21 13:55 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212612
|
9.8 |
CRITICAL
Network
|
hgiga
|
oaklouds_ccm\@il
|
HGiga C&Cmail CCMAILQ before olln-base-6.0-418.i386.rpm and CCMAILN before olln-base-5.0-418.i386.rpm contains insecure configurations. Attackers can exploit these flaws to access unauthorized functi…
|
CWE-78
OS Command
|
CVE-2020-10511
|
2024-11-21 13:55 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212613
|
9.8 |
CRITICAL
Network
|
the_school_manage_system_project
|
the_school_manage_system
|
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Unrestricted file upload (RCE) , that would allow attackers to gain access in the hosting ma…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-10507
|
2024-11-21 13:55 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212614
|
7.5 |
HIGH
Network
|
the_school_manage_system_project
|
the_school_manage_system
|
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Path Traversal, allowing attackers to access arbitrary files.
|
CWE-22
Path Traversal
|
CVE-2020-10506
|
2024-11-21 13:55 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212615
|
9.8 |
CRITICAL
Network
|
the_school_manage_system_project
|
the_school_manage_system
|
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of SQL Injection, an attacker can use a union based injection query string to get databases sch…
|
CWE-89
SQL Injection
|
CVE-2020-10505
|
2024-11-21 13:55 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212616
|
7.8 |
HIGH
Local
|
mbconnectline
|
mymbconnect24
mbconnect24
|
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.6.1. There is a local privilege escalation from the www-data account to the root accoun…
|
CWE-269
Improper Privilege Management
|
CVE-2020-10384
|
2024-11-21 13:55 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212617
|
9.8 |
CRITICAL
Network
|
mbconnectline
|
mymbconnect24
mbconnect24
|
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an unauthenticated remote code execution in the com_mb24sysapi module.
|
NVD-CWE-noinfo
|
CVE-2020-10383
|
2024-11-21 13:55 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212618
|
8.8 |
HIGH
Network
|
mbconnectline
|
mymbconnect24
mbconnect24
|
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an authenticated remote code execution in the backup-scheduler.
|
NVD-CWE-noinfo
|
CVE-2020-10382
|
2024-11-21 13:55 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212619
|
5.3 |
MEDIUM
Network
|
mbconnectline
|
mymbconnect24
mbconnect24
|
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an unauthenticated SQL injection in DATA24, allowing attackers to discove…
|
CWE-89
SQL Injection
|
CVE-2020-10381
|
2024-11-21 13:55 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212620
|
7.8 |
HIGH
Local
|
fujielectric
|
v-server
|
Fuji Electric V-Server Lite all versions prior to 4.0.9.0 contains a heap based buffer overflow. The buffer allocated to read data, when parsing VPR files, is too small.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-10646
|
2024-11-21 13:55 |
2020-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
