|
202171
|
7.5 |
HIGH
Network
|
sysjust
|
syuan-gu-da-shin
|
SQL Injection in SysJust Syuan-Gu-Da-Shih, versions before 20191223, allowing attackers to perform unwanted SQL queries and access arbitrary file in the database.
|
CWE-89
SQL Injection
|
CVE-2020-3937
|
2024-11-21 14:31 |
2020-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202172
|
7.5 |
HIGH
Network
|
changingtec
|
servisign
|
An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the attackers learn the specific API function, they may access arbitrary files on target system via crafted API …
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2020-3927
|
2024-11-21 14:31 |
2020-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202173
|
7.5 |
HIGH
Network
|
changingtec
|
servisign
|
An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the attackers learn the specific API function, they may access arbitrary files on target system via crafted API …
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2020-3926
|
2024-11-21 14:31 |
2020-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202174
|
8.8 |
HIGH
Network
|
changingtec
|
servisign
|
A Remote Code Execution(RCE) vulnerability exists in some designated applications in ServiSign security plugin, as long as the interface is captured, attackers are able to launch RCE and executes arb…
|
NVD-CWE-noinfo
|
CVE-2020-3925
|
2024-11-21 14:31 |
2020-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202175
|
6.1 |
MEDIUM
Network
|
magento
|
magento
|
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive…
|
CWE-79
Cross-site Scripting
|
CVE-2020-3758
|
2024-11-21 14:31 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202176
|
7.5 |
HIGH
Network
|
magento
|
magento
|
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have an sql injection vulnerability. Successful exploitation could lead to sensitive information …
|
CWE-89
SQL Injection
|
CVE-2020-3719
|
2024-11-21 14:31 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202177
|
9.8 |
CRITICAL
Network
|
magento
|
magento
|
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary code execut…
|
NVD-CWE-noinfo
|
CVE-2020-3718
|
2024-11-21 14:31 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202178
|
5.3 |
MEDIUM
Network
|
magento
|
magento
|
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a path traversal vulnerability. Successful exploitation could lead to sensitive information …
|
CWE-22
Path Traversal
|
CVE-2020-3717
|
2024-11-21 14:31 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202179
|
9.8 |
CRITICAL
Network
|
magento
|
magento
|
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arb…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-3716
|
2024-11-21 14:31 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202180
|
6.1 |
MEDIUM
Network
|
magento
|
magento
|
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive…
|
CWE-79
Cross-site Scripting
|
CVE-2020-3715
|
2024-11-21 14:31 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
