|
209001
|
9.8 |
CRITICAL
Network
|
jsish
|
jsish
|
Integer overflow vulnerability in function Jsi_ObjArraySizer in jsish before 3.0.8, allows remote attackers to execute arbitrary code.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-22874
|
2024-11-21 14:13 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209002
|
9.8 |
CRITICAL
Network
|
jsish
|
jsish
|
Buffer overflow vulnerability in function NumberToPrecisionCmd in jsish before 3.0.7, allows remote attackers to execute arbitrary code.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-22873
|
2024-11-21 14:13 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209003
|
7.5 |
HIGH
Network
|
halo
|
halo
|
SSRF vulnerability in Halo <=1.3.2 exists in the SMTP configuration, which can detect the server intranet.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-23079
|
2024-11-21 14:13 |
2021-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209004
|
6.5 |
MEDIUM
Network
|
pbootcms
|
pbootcms
|
Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list parameter in the update function in upgradecontroller.php.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-22535
|
2024-11-21 14:13 |
2021-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209005
|
9.8 |
CRITICAL
Network
|
pbootcms
|
pbootcms
|
Remote Code Execution vulnerability in PbootCMS 2.0.8 in the message board.
|
NVD-CWE-noinfo
|
CVE-2020-23580
|
2024-11-21 14:13 |
2021-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209006
|
4.8 |
MEDIUM
Network
|
phplist
|
phplist
|
Cross Site Scripting (XSS) vulnerability in phpList 3.5.3 via the login name field in Manage Administrators when adding a new admin.
|
CWE-79
Cross-site Scripting
|
CVE-2020-22251
|
2024-11-21 14:13 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209007
|
9.8 |
CRITICAL
Network
|
phplist
|
phplist
|
Remote Code Execution vulnerability in phplist 3.5.1. The application does not check any file extensions stored in the plugin zip file, Uploading a malicious plugin which contains the php files with …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-22249
|
2024-11-21 14:13 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209008
|
5.4 |
MEDIUM
Network
|
phplist
|
phplist
|
A stored cross site scripting (XSS) vulnerability in the "Import Subscribers" feature in phplist 3.5.4 and below allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted …
|
CWE-79
Cross-site Scripting
|
CVE-2020-23194
|
2024-11-21 14:13 |
2021-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209009
|
5.4 |
MEDIUM
Network
|
phplist
|
phplist
|
A stored cross site scripting (XSS) vulnerability in phplist 3.5.4 and below allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload in the "admin" parameter und…
|
CWE-79
Cross-site Scripting
|
CVE-2020-23192
|
2024-11-21 14:13 |
2021-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209010
|
5.4 |
MEDIUM
Network
|
phplist
|
phplist
|
A stored cross site scripting (XSS) vulnerability in the "Import emails" module in phplist 3.5.4 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload.
|
CWE-79
Cross-site Scripting
|
CVE-2020-23190
|
2024-11-21 14:13 |
2021-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
