|
209961
|
9.8 |
CRITICAL
Network
|
jerryscript
|
jerryscript
|
An issue in Jerrscript- project Jerryscrip v. 2.3.0 allows a remote attacker to execute arbitrary code via the ecma_builtin_array_prototype_object_slice parameter.
|
NVD-CWE-noinfo
|
CVE-2020-22597
|
2024-11-21 14:13 |
2023-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209962
|
9.8 |
CRITICAL
Network
|
thedaylightstudio
|
fuel_cms
|
File Upload vulnerability in FUEL-CMS v.1.4.6 allows a remote attacker to execute arbitrary code via a crafted .php file to the upload parameter in the navigation function.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-22153
|
2024-11-21 14:13 |
2023-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209963
|
5.4 |
MEDIUM
Network
|
thedaylightstudio
|
fuel_cms
|
Cross Site Scripting vulnerability in daylight studio FUEL- CMS v.1.4.6 allows a remote attacker to execute arbitrary code via the page title, meta description and meta keywords of the pages function.
|
CWE-79
Cross-site Scripting
|
CVE-2020-22152
|
2024-11-21 14:13 |
2023-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209964
|
9.8 |
CRITICAL
Network
|
thedaylightstudio
|
fuel_cms
|
Permissions vulnerability in Fuel-CMS v.1.4.6 allows a remote attacker to execute arbitrary code via a crafted zip file to the assests parameter of the upload function.
|
NVD-CWE-noinfo
|
CVE-2020-22151
|
2024-11-21 14:13 |
2023-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209965
|
5.4 |
MEDIUM
Network
|
ibexa
|
ezpublish_legacy
ezpublish_platform
|
Cross Site Scripting vulnerabiltiy in eZ Systems AS eZPublish Platform v.5.4 and eZ Publish Legacy v.5.4 allows a remote authenticated attacker to execute arbitrary code via the video-js.swf.
|
CWE-79
Cross-site Scripting
|
CVE-2020-23065
|
2024-11-21 14:13 |
2023-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209966
|
6.1 |
MEDIUM
Network
|
alinto
|
sogo_web_mail
|
Cross Site Scripting (XSS) vulnerability in SOGo Web Mail before 4.3.1 allows attackers to obtain user sensitive information when a user reads an email containing malicious code.
|
CWE-79
Cross-site Scripting
|
CVE-2020-22402
|
2024-11-21 14:13 |
2023-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209967
|
7.1 |
HIGH
Network
|
yershop_project
|
yershop
|
Insecure Permissons vulnerability found in Shop_CMS YerShop all versions allows a remote attacker to escalate privileges via the cover_id parameter.
|
CWE-269
Improper Privilege Management
|
CVE-2020-23362
|
2024-11-21 14:13 |
2023-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209968
|
8.8 |
HIGH
Network
|
mingsoft
|
mcms
|
File upload vulnerability in MCMS 5.0 allows attackers to execute arbitrary code via a crafted thumbnail. A different vulnerability than CVE-2022-31943.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-22755
|
2024-11-21 14:13 |
2023-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209969
|
6.5 |
MEDIUM
Network
|
beescms
|
beescms
|
Cross Site Request Forgery (CSRF) vulnerability in beescms v4 allows attackers to delete the administrator account via crafted request to /admin/admin_admin.php.
|
CWE-352
Origin Validation Error
|
CVE-2020-22334
|
2024-11-21 14:13 |
2023-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209970
|
7.8 |
HIGH
Local
|
redox-os
|
redox
|
redox-os v0.1.0 was discovered to contain a use-after-free bug via the gethostbyaddr() function at /src/header/netdb/mod.rs.
|
CWE-416
Use After Free
|
CVE-2020-22429
|
2024-11-21 14:13 |
2023-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
