|
199251
|
9.8 |
CRITICAL
Network
|
school_faculty_scheduling_system_project
|
school_faculty_scheduling_system
|
SQL Injection vulnerability in oretnom23 School Faculty Scheduling System version 1.0, allows remote attacker to execute arbitrary code, escalate privilieges, and gain sensitive information via craft…
|
CWE-89
SQL Injection
|
CVE-2020-36034
|
2024-11-21 14:28 |
2023-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199252
|
5.5 |
MEDIUM
Local
|
freedesktop
|
poppler
|
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-36024
|
2024-11-21 14:28 |
2023-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199253
|
6.5 |
MEDIUM
Network
|
freedesktop
|
poppler
|
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-36023
|
2024-11-21 14:28 |
2023-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199254
|
8.8 |
HIGH
Network
|
flycms_project
|
flycms
|
Cross Site Request Forgery (CSRF) vulnerability in FlyCms 1.0 allows attackers to add arbitrary administrator accounts via system/admin/admin_save.
|
CWE-352
Origin Validation Error
|
CVE-2020-36065
|
2024-11-21 14:28 |
2023-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199255
|
9.8 |
CRITICAL
Network
|
thecontrolgroup
|
voyager
|
Insecure Permission vulnerability found in Yoyager v.1.4 and before allows a remote attacker to execute arbitrary code via a crafted .php file to the media component.
|
CWE-281
Improper Preservation of Permissions
|
CVE-2020-36070
|
2024-11-21 14:28 |
2023-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199256
|
8.8 |
HIGH
Network
|
tailor_mangement_system_project
|
tailor_mangement_system
|
SQL injection vulnerability found in Tailor Mangement System v.1 allows a remote attacker to execute arbitrary code via the customer parameter of the orderadd.php file
|
CWE-89
SQL Injection
|
CVE-2020-36077
|
2024-11-21 14:28 |
2023-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199257
|
8.8 |
HIGH
Network
|
tailor_mangement_system_project
|
tailor_mangement_system
|
SQL injection vulnerability found in Tailor Mangement System v.1 allows a remote attacker to execute arbitrary code via the title parameter.
|
CWE-89
SQL Injection
|
CVE-2020-36074
|
2024-11-21 14:28 |
2023-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199258
|
8.8 |
HIGH
Network
|
tailor_management_system_project
|
tailor_management_system
|
SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the detail parameter of the document.php page.
|
CWE-89
SQL Injection
|
CVE-2020-36073
|
2024-11-21 14:28 |
2023-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199259
|
8.8 |
HIGH
Network
|
tailor_management_system_project
|
tailor_management_system
|
SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2020-36072
|
2024-11-21 14:28 |
2023-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199260
|
8.8 |
HIGH
Network
|
tailor_management_system_project
|
tailor_management_system
|
SQL injection vulnerability found in Tailor Management System v.1 allows a remote authenticated attacker to execute arbitrary code via the customer parameter of the email.php page.
|
CWE-89
SQL Injection
|
CVE-2020-36071
|
2024-11-21 14:28 |
2023-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
