|
197651
|
5.4 |
MEDIUM
Network
|
moodle
|
moodle
|
It was found in Moodle before version 3.10.1 that some search inputs were vulnerable to reflected XSS due to insufficient escaping of search queries.
|
-
|
CVE-2021-20183
|
2024-11-21 14:46 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197652
|
6.1 |
MEDIUM
Network
|
aterm
|
wg2600hp_firmware
wg2600hp2_firmware
|
Cross-site scripting vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to inject an arbitrary script via unspeci…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20622
|
2024-11-21 14:46 |
2021-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197653
|
8.8 |
HIGH
Network
|
aterm
|
wg2600hp_firmware
wg2600hp2_firmware
|
Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication…
|
CWE-352
Origin Validation Error
|
CVE-2021-20621
|
2024-11-21 14:46 |
2021-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197654
|
6.1 |
MEDIUM
Network
|
aterm
|
wg2600hp_firmware
|
Cross-site scripting vulnerability in Aterm WF800HP firmware Ver1.0.9 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20620
|
2024-11-21 14:46 |
2021-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197655
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_quality_manager
rhapsody_design_manager
rational_engineering_lifecycle_manager
rhapsody_model_manager
engineering_workflow_management
collaborative_lifecycle_management
eng…
|
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20357
|
2024-11-21 14:46 |
2021-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197656
|
8.1 |
HIGH
Network
|
fasterxml
netapp
apache
debian
oracle
|
jackson-databind
oncommand_insight
service_level_manager
oncommand_api_services
active_iq_unified_manager
nifi
debian_linux
commerce_guided_search_and_experience_manager
|
A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidential…
|
-
|
CVE-2021-20190
|
2024-11-21 14:46 |
2021-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197657
|
6.1 |
MEDIUM
Network
|
weseek
|
growi
|
Cross-site scripting vulnerability in GROWI (v4.2 Series) versions prior to v4.2.3 allows remote attackers to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20619
|
2024-11-21 14:46 |
2021-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197658
|
9.8 |
CRITICAL
Network
|
acmailer
|
acmailer_db
acmailer
|
Privilege chaining vulnerability in acmailer ver. 4.0.2 and earlier, and acmailer DB ver. 1.1.4 and earlier allows remote attackers to bypass authentication and to gain an administrative privilege wh…
|
CWE-269
Improper Privilege Management
|
CVE-2021-20618
|
2024-11-21 14:46 |
2021-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197659
|
9.8 |
CRITICAL
Network
|
acmailer
|
acmailer
acmailer_db
|
Improper access control vulnerability in acmailer ver. 4.0.1 and earlier, and acmailer DB ver. 1.1.3 and earlier allows remote attackers to execute an arbitrary OS command, or gain an administrative …
|
NVD-CWE-Other
|
CVE-2021-20617
|
2024-11-21 14:46 |
2021-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197660
|
7.8 |
HIGH
Local
|
skygroup
|
skysea_client_view
|
Untrusted search path vulnerability in the installer of SKYSEA Client View Ver.1.020.05b to Ver.16.001.01g allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2021-20616
|
2024-11-21 14:46 |
2021-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
