|
197021
|
8.8 |
HIGH
Network
|
adobe
|
incopy
|
Adobe InCopy version 16.0 (and earlier) is affected by an path traversal vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote cod…
|
-
|
CVE-2021-21090
|
2024-11-21 14:47 |
2021-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197022
|
6.1 |
MEDIUM
Network
|
adobe
|
experience_manager
experience_manager_cloud_service
|
AEM's Cloud Service offering, as well as versions 6.5.7.0 (and below), 6.4.8.3 (and below) and 6.3.3.8 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abus…
|
-
|
CVE-2021-21084
|
2024-11-21 14:47 |
2021-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197023
|
7.5 |
HIGH
Network
|
adobe
|
experience_manager
experience_manager_cloud_service
|
AEM's Cloud Service offering, as well as versions 6.5.7.0 (and below), 6.4.8.3 (and below) and 6.3.3.8 (and below) are affected by an Improper Access Control vulnerability. An unauthenticated attacke…
|
NVD-CWE-Other
|
CVE-2021-21083
|
2024-11-21 14:47 |
2021-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197024
|
6.1 |
MEDIUM
Network
|
ec-cube
|
ec-cube
|
Cross-site scripting vulnerability in EC-CUBE EC-CUBE 4.0.0 to 4.0.5-p1 (EC-CUBE 4 series) allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially …
|
CWE-79
Cross-site Scripting
|
CVE-2021-20751
|
2024-11-21 14:47 |
2021-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197025
|
6.1 |
MEDIUM
Network
|
ec-cube
|
ec-cube
|
Cross-site scripting vulnerability in EC-CUBE EC-CUBE 3.0.0 to 3.0.18-p2 (EC-CUBE 3 series) and EC-CUBE 4.0.0 to 4.0.5-p1 (EC-CUBE 4 series) allows a remote attacker to inject an arbitrary script by …
|
CWE-79
Cross-site Scripting
|
CVE-2021-20750
|
2024-11-21 14:47 |
2021-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197026
|
5.4 |
MEDIUM
Network
|
nendeb
|
fudousan_plugin
fudousan_plugin_pro_multi-user
fudousan_plugin_pro_single-user
|
Cross-site scripting vulnerability in Fudousan plugin ver5.7.0 and earlier, Fudousan Plugin Pro Single-User Type ver5.7.0 and earlier, and Fudousan Plugin Pro Multi-User Type ver5.7.0 and earlier all…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20749
|
2024-11-21 14:47 |
2021-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197027
|
5.4 |
MEDIUM
Network
|
wordpress_popular_posts_project
|
wordpress_popular_posts
|
Cross-site scripting vulnerability in WordPress Popular Posts 5.3.2 and earlier allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20746
|
2024-11-21 14:47 |
2021-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197028
|
7.8 |
HIGH
Local
|
inkdrop
|
inkdrop
|
Inkdrop versions prior to v5.3.1 allows an attacker to execute arbitrary OS commands on the system where it runs by loading a file or code snippet containing an invalid iframe into Inkdrop.
|
CWE-78
OS Command
|
CVE-2021-20745
|
2024-11-21 14:47 |
2021-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197029
|
8.8 |
HIGH
Network
|
hitachi
nec
|
virtual_file_platform
nas_gateway_nh4a_firmware
nas_gateway_nh8a_firmware
nas_gateway_nh4b_firmware
nas_gateway_nh8b_firmware
nas_gateway_nh4c_firmware
nas_gateway_nh8c_firmware
|
Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC Storage M Series NAS Gateway Nh4a/Nh8a versions prior to FOS 5.5.3-08(NEC2.5.4a) and Nh4b/Nh8b, Nh4c/N…
|
CWE-78
OS Command
|
CVE-2021-20740
|
2024-11-21 14:47 |
2021-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197030
|
7.5 |
HIGH
Network
|
phoenixcontact
|
fl_comserver_uni_232\/422\/485_firmware
fl_comserver_uni_232\/422\/485-t_firmware
|
In Phoenix Contact FL COMSERVER UNI in versions < 2.40 a invalid Modbus exception response can lead to a temporary denial of service.
|
-
|
CVE-2021-21002
|
2024-11-21 14:47 |
2021-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
