|
198201
|
4.8 |
MEDIUM
Network
|
bakeshop_online_ordering_system_project
|
bakeshop_online_ordering_system
|
Bakeshop Online Ordering System in PHP/MySQLi 1.0 is affected by cross-site scripting (XSS) which allows remote attackers to inject an arbitrary web script or HTML in admin dashboard - "Categories".
|
CWE-79
Cross-site Scripting
|
CVE-2020-35309
|
2024-11-21 14:27 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198202
|
9.1 |
CRITICAL
Network
|
student_result_management_system_project
|
student_result_management_system
|
Student Result Management System In PHP With Source Code is affected by SQL injection. An attacker can able to access of Admin Panel and manage every account of Result.
|
CWE-89
SQL Injection
|
CVE-2020-35270
|
2024-11-21 14:27 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198203
|
9.8 |
CRITICAL
Network
|
egavilanmedia
|
user_registration_and_login_system_with_admin_panel
|
EgavilanMedia User Registration & Login System 1.0 is affected by SQL injection to the admin panel, which may allow arbitrary code execution.
|
CWE-89
SQL Injection
|
CVE-2020-35263
|
2024-11-21 14:27 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198204
|
8.8 |
HIGH
Network
|
cakefoundation
|
cakephp
|
A vulnerability exists in CakePHP versions 4.0.x through 4.1.3. The CsrfProtectionMiddleware component allows method override parameters to bypass CSRF checks by changing the HTTP request method to a…
|
CWE-352
Origin Validation Error
|
CVE-2020-35239
|
2024-11-21 14:27 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198205
|
4.8 |
MEDIUM
Network
|
employee_performance_evaluation_system_project
|
employee_performance_evaluation_system
|
Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting (XSS) in the Admin Portal in the Task and Description fields.
|
CWE-79
Cross-site Scripting
|
CVE-2020-35272
|
2024-11-21 14:27 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198206
|
4.8 |
MEDIUM
Network
|
employee_performance_evaluation_system_project
|
employee_performance_evaluation_system
|
Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting (XSS) in the Employees, First Name and Last Name fields.
|
CWE-79
Cross-site Scripting
|
CVE-2020-35271
|
2024-11-21 14:27 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198207
|
7.5 |
HIGH
Network
|
erlang
fedoraproject
|
erlang\/otp
fedora
|
An issue was discovered in Erlang/OTP before 23.2.2. The ssl application 10.2 accepts and trusts an invalid X.509 certificate chain to a trusted root Certification Authority.
|
CWE-295
Improper Certificate Validation
|
CVE-2020-35733
|
2024-11-21 14:27 |
2021-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198208
|
5.4 |
MEDIUM
Network
|
enviragallery
|
envira_gallery
|
A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code via a POST /wp-admin/post.php request with the post_ti…
|
CWE-79
Cross-site Scripting
|
CVE-2020-35582
|
2024-11-21 14:27 |
2021-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198209
|
5.4 |
MEDIUM
Network
|
enviragallery
|
envira_gallery
|
A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code via a POST /wp-admin/admin-ajax.php request with the m…
|
CWE-79
Cross-site Scripting
|
CVE-2020-35581
|
2024-11-21 14:27 |
2021-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198210
|
8.8 |
HIGH
Network
|
eclipse
|
vert.x-web
|
Vert.x-Web framework v4.0 milestone 1-4 does not perform a correct CSRF verification. Instead of comparing the CSRF token in the request with the CSRF token in the cookie, it compares the CSRF token …
|
CWE-352
Origin Validation Error
|
CVE-2020-35217
|
2024-11-21 14:27 |
2021-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
