|
197651
|
9.1 |
CRITICAL
Network
|
go-unzip_project
|
go-unzip
|
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
|
CWE-22
Path Traversal
|
CVE-2020-36560
|
2024-11-21 14:29 |
2022-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197652
|
7.5 |
HIGH
Network
|
aahframework
|
aah
|
Due to improper sanitization of user input, HTTPEngine.Handle allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read.
|
CWE-22
Path Traversal
|
CVE-2020-36559
|
2024-11-21 14:29 |
2022-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197653
|
7.5 |
HIGH
Network
|
gin-gonic
|
gin
|
Unsanitized input in the default logger in github.com/gin-gonic/gin before v1.6.0 allows remote attackers to inject arbitrary log lines.
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2020-36567
|
2024-11-21 14:29 |
2022-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197654
|
6.1 |
MEDIUM
Network
|
tri
|
panel_builder
|
A vulnerability classified as critical has been found in Modern Tribe Panel Builder Plugin. Affected is the function add_post_content_filtered_to_search_sql of the file ModularContent/SearchFilter.ph…
|
CWE-79
Cross-site Scripting
|
CVE-2020-36626
|
2024-11-21 14:29 |
2022-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197655
|
6.5 |
MEDIUM
Network
|
moodle-block_sitenews_project
|
moodle-block_sitenews
|
A vulnerability was found in moodle-block_sitenews 1.0. It has been classified as problematic. This affects the function get_content of the file block_sitenews.php. The manipulation leads to cross-si…
|
-
|
CVE-2020-36633
|
2024-11-21 14:29 |
2022-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197656
|
9.8 |
CRITICAL
Network
|
flat_project
|
flat
|
A vulnerability, which was classified as critical, was found in hughsk flat up to 5.0.0. This affects the function unflatten of the file index.js. The manipulation leads to improperly controlled modi…
|
-
|
CVE-2020-36632
|
2024-11-21 14:29 |
2022-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197657
|
9.8 |
CRITICAL
Network
|
dwc_network_server_emulator_project
|
dwc_network_server_emulator
|
A vulnerability was found in barronwaffles dwc_network_server_emulator. It has been declared as critical. This vulnerability affects the function update_profile of the file gamespy/gs_database.py. Th…
|
-
|
CVE-2020-36631
|
2024-11-21 14:29 |
2022-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197658
|
9.8 |
CRITICAL
Network
|
sangoma
|
freepbx
|
A vulnerability was found in FreePBX cdr 14.0. It has been classified as critical. This affects the function ajaxHandler of the file ucp/Cdr.class.php. The manipulation of the argument limit/offset l…
|
-
|
CVE-2020-36630
|
2024-11-21 14:29 |
2022-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197659
|
7.5 |
HIGH
Network
|
httpster_project
|
httpster
|
A vulnerability classified as critical was found in SimbCo httpster. This vulnerability affects the function fs.realpathSync of the file src/server.coffee. The manipulation leads to path traversal. T…
|
-
|
CVE-2020-36629
|
2024-11-21 14:29 |
2022-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197660
|
9.8 |
CRITICAL
Network
|
android_processing_development_environment_project
|
android_processing_development_environment
|
A vulnerability classified as critical has been found in Calsign APDE. This affects the function handleExtract of the file APDE/src/main/java/com/calsignlabs/apde/build/dag/CopyBuildTask.java of the …
|
-
|
CVE-2020-36628
|
2024-11-21 14:29 |
2022-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
