|
196811
|
6.1 |
MEDIUM
Network
|
voidtools
|
everything
|
HTTP header injection vulnerability in Everything all versions except the Lite version may allow a remote attacker to inject an arbitrary script or alter the website that uses the product via unspeci…
|
NVD-CWE-Other
|
CVE-2021-20784
|
2024-11-21 14:47 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196812
|
8.8 |
HIGH
Network
|
tipsandtricks-hq
|
software_license_manager
|
Cross-site request forgery (CSRF) vulnerability in Software License Manager versions prior to 4.4.6 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2021-20782
|
2024-11-21 14:47 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196813
|
8.8 |
HIGH
Network
|
pluginus
|
wordpress_meta_data_and_taxonomies_filter
|
Cross-site request forgery (CSRF) vulnerability in WordPress Meta Data Filter & Taxonomies Filter versions prior to v.1.2.8 and versions prior to v.2.2.8 allows remote attackers to hijack the authent…
|
CWE-352
Origin Validation Error
|
CVE-2021-20781
|
2024-11-21 14:47 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196814
|
7.5 |
HIGH
Network
|
retty
|
retty
|
Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an exte…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2021-20748
|
2024-11-21 14:47 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196815
|
4.3 |
MEDIUM
Network
|
retty
|
retty
|
Improper authorization in handler for custom URL scheme vulnerability in Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 allows a remote attacker to lea…
|
CWE-862
Missing Authorization
|
CVE-2021-20747
|
2024-11-21 14:47 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196816
|
8.8 |
HIGH
Network
|
wp-currency
|
wordpress_currency_switcher
|
Cross-site request forgery (CSRF) vulnerability in WPCS - WordPress Currency Switcher 1.1.6 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2021-20780
|
2024-11-21 14:47 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196817
|
8.8 |
HIGH
Network
|
codemiq
|
wordpress_email_template_designer
|
Cross-site request forgery (CSRF) vulnerability in WordPress Email Template Designer - WP HTML Mail versions prior to 3.0.8 allows remote attackers to hijack the authentication of administrators via …
|
CWE-352
Origin Validation Error
|
CVE-2021-20779
|
2024-11-21 14:47 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196818
|
4.3 |
MEDIUM
Network
|
gu-global
|
gu
|
Improper authorization in handler for custom URL scheme vulnerability in GU App for Android versions from 4.8.0 to 5.0.2 allows a remote attacker to lead a user to access an arbitrary website via the…
|
CWE-862
Missing Authorization
|
CVE-2021-20777
|
2024-11-21 14:47 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196819
|
9.8 |
CRITICAL
Network
|
a-stage-inc
|
at-40cm01sr_firmware
sct-40cm01sr_firmware
|
Improper authentication vulnerability in SCT-40CM01SR and AT-40CM01SR allows an attacker to bypass access restriction and execute an arbitrary command via telnet.
|
CWE-287
Improper Authentication
|
CVE-2021-20776
|
2024-11-21 14:47 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196820
|
6.5 |
MEDIUM
Adjacent
|
elecom
|
wrc-1167fs-w_firmware
wrc-1167fs-b_firmware
wrc-1167fsa_firmware
|
WRC-1167FS-W, WRC-1167FS-B, and WRC-1167FSA all versions allow an unauthenticated network-adjacent attacker to obtain sensitive information via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2021-20738
|
2024-11-21 14:47 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
