|
209461
|
9.8 |
CRITICAL
Network
|
avast
|
retdec
|
An issue was discovered in retdec v3.3. In function canSplitFunctionOn() of ir_modifications.cpp, there is a possible out of bounds read due to a heap buffer overflow. The impact is: Deny of Service,…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-23907
|
2024-11-21 14:14 |
2021-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209462
|
7.5 |
HIGH
Network
|
intelbras
|
tip200_firmware
tip200lite_firmware
|
INTELBRAS TELEFONE IP TIP200 version 60.61.75.22 allows an attacker to obtain sensitive information through /cgi-bin/cgiServer.exx.
|
NVD-CWE-noinfo
|
CVE-2020-24285
|
2024-11-21 14:14 |
2021-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209463
|
9.8 |
CRITICAL
Network
|
online_book_store_project
|
online_book_store
|
SQL injection in admin.php in Online Book Store 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication.
|
CWE-89
SQL Injection
|
CVE-2020-23763
|
2024-11-21 14:14 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209464
|
5.4 |
MEDIUM
Network
|
larsens_calendar_project
|
larsens_calendar
|
Cross Site Scripting (XSS) vulnerability in the Larsens Calender plugin Version <= 1.2 for WordPress allows remote attackers to execute arbitrary web script via the "titel" column on the "Eintrage hi…
|
CWE-79
Cross-site Scripting
|
CVE-2020-23762
|
2024-11-21 14:14 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209465
|
6.1 |
MEDIUM
Network
|
intelliants
|
subrion
|
Cross Site Scripting (XSS) vulnerability in subrion CMS Version <= 4.2.1 allows remote attackers to execute arbitrary web script via the "payment gateway" column on transactions tab.
|
CWE-79
Cross-site Scripting
|
CVE-2020-23761
|
2024-11-21 14:14 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209466
|
8.3 |
HIGH
Network
|
wcms
|
wcms
|
Server-side request forgery in Wcms 0.3.2 let an attacker send crafted requests from the back-end server of a vulnerable web application via the pagename parameter to wex/html.php. It can help identi…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-24140
|
2024-11-21 14:14 |
2021-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209467
|
8.3 |
HIGH
Network
|
wcms
|
wcms
|
Server-side request forgery in Wcms 0.3.2 lets an attacker send crafted requests from the back-end server of a vulnerable web application via the path parameter to wex/cssjs.php. It can help identify…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-24139
|
2024-11-21 14:14 |
2021-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209468
|
5.3 |
MEDIUM
Network
|
wcms
|
wcms
|
Directory traversal vulnerability in Wcms 0.3.2 allows an attacker to read arbitrary files on the server that is running an application via the path parameter to wex/cssjs.php.
|
CWE-22
Path Traversal
|
CVE-2020-24137
|
2024-11-21 14:14 |
2021-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209469
|
6.1 |
MEDIUM
Network
|
wcms
|
wcms
|
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Wcms 0.3.2, which allows remote attackers to inject arbitrary web script and HTML via the type parameter to wex/cssjs.php.
|
CWE-79
Cross-site Scripting
|
CVE-2020-24135
|
2024-11-21 14:14 |
2021-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209470
|
6.1 |
MEDIUM
Network
|
wcms
|
wcms
|
Cross Site Scripting (XSS) vulnerability in wcms 0.3.2 allows remote attackers to inject arbitrary web script and HTML via the pagename parameter to wex/html.php.
|
CWE-79
Cross-site Scripting
|
CVE-2020-24138
|
2024-11-21 14:14 |
2021-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
