|
211021
|
8.8 |
HIGH
Network
|
tufin
|
securetrack
|
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities were present in Tufin SecureTrack, affecting all versions prior to R20-2 GA.
|
CWE-352
Origin Validation Error
|
CVE-2020-13460
|
2024-11-21 14:01 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211022
|
5.9 |
MEDIUM
Adjacent
|
tufin
|
securetrack
|
Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or …
|
CWE-79
Cross-site Scripting
|
CVE-2020-13409
|
2024-11-21 14:01 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211023
|
5.9 |
MEDIUM
Adjacent
|
tufin
|
securetrack
|
Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or …
|
CWE-79
Cross-site Scripting
|
CVE-2020-13408
|
2024-11-21 14:01 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211024
|
5.9 |
MEDIUM
Adjacent
|
tufin
|
securetrack
|
Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or …
|
CWE-79
Cross-site Scripting
|
CVE-2020-13407
|
2024-11-21 14:01 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211025
|
7.8 |
HIGH
Local
|
softmaker
|
planmaker_2021
|
A memory corruption vulnerability exists in the Excel Document SST Record 0x00fc functionality of SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014). A specially crafted malforme…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-13586
|
2024-11-21 14:01 |
2021-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211026
|
7.8 |
HIGH
Local
|
softmaker
|
planmaker_2021
|
An exploitable heap-based buffer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-13580
|
2024-11-21 14:01 |
2021-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211027
|
7.8 |
HIGH
Local
|
softmaker
|
planmaker_2021
|
An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the docum…
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2020-13579
|
2024-11-21 14:01 |
2021-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211028
|
6.1 |
MEDIUM
Network
|
phpgacl_project
open-emr
|
phpgacl
openemr
|
A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a craf…
|
CWE-79
Cross-site Scripting
|
CVE-2020-13564
|
2024-11-21 14:01 |
2021-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211029
|
6.1 |
MEDIUM
Network
|
phpgacl_project
open-emr
|
phpgacl
openemr
|
A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a craf…
|
CWE-79
Cross-site Scripting
|
CVE-2020-13563
|
2024-11-21 14:01 |
2021-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211030
|
6.1 |
MEDIUM
Network
|
phpgacl_project
open-emr
|
phpgacl
openemr
|
A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a craf…
|
CWE-79
Cross-site Scripting
|
CVE-2020-13562
|
2024-11-21 14:01 |
2021-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
