|
213221
|
5.4 |
MEDIUM
Network
|
grafana
netapp
|
grafana
e-series_performance_analyzer
|
Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open …
|
CWE-79
Cross-site Scripting
|
CVE-2020-11110
|
2024-11-21 13:56 |
2020-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213222
|
7.5 |
HIGH
Network
|
automationdirect
|
c-more_hmi_ea9_firmware
|
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not require…
|
CWE-20
Improper Input Validation
|
CVE-2020-10922
|
2024-11-21 13:56 |
2020-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213223
|
9.8 |
CRITICAL
Network
|
automationdirect
|
c-more_hmi_ea9_firmware
|
This vulnerability allows remote attackers to issue commands on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vuln…
|
-
|
CVE-2020-10921
|
2024-11-21 13:56 |
2020-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213224
|
9.8 |
CRITICAL
Network
|
automationdirect
|
c-more_hmi_ea9_firmware
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit t…
|
-
|
CVE-2020-10920
|
2024-11-21 13:56 |
2020-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213225
|
5.9 |
MEDIUM
Network
|
automationdirect
|
c-more_hmi_ea9_firmware
|
This vulnerability allows remote attackers to disclose sensitive information on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to e…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2020-10919
|
2024-11-21 13:56 |
2020-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213226
|
7.5 |
HIGH
Network
|
automationdirect
|
c-more_hmi_ea9_firmware
|
This vulnerability allows remote attackers to bypass authentication on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit th…
|
-
|
CVE-2020-10918
|
2024-11-21 13:56 |
2020-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213227
|
9.8 |
CRITICAL
Network
|
nec
|
esmpro_manager
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific f…
|
-
|
CVE-2020-10917
|
2024-11-21 13:56 |
2020-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213228
|
5.4 |
MEDIUM
Network
|
ipear_project
|
ipear
|
In iPear, the manual execution of the eval() function can lead to command injection. Only PCs where commands are manually executed via "For Developers" are affected. This function allows executing an…
|
CWE-77
Command Injection
|
CVE-2020-11084
|
2024-11-21 13:56 |
2020-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213229
|
4.8 |
MEDIUM
Network
|
octobercms
|
october
|
In October from version 1.0.319 and before version 1.0.466, a user with access to a markdown FormWidget that stores data persistently could create a stored XSS attack against themselves and any other…
|
CWE-79
Cross-site Scripting
|
CVE-2020-11083
|
2024-11-21 13:56 |
2020-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213230
|
6.1 |
MEDIUM
Network
|
tenda
|
ac15_firmware
|
An XSS issue in the /goform/WifiBasicSet endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute malicious payloads via the WifiName POST parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2020-10989
|
2024-11-21 13:56 |
2020-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
