|
199331
|
4.8 |
MEDIUM
Network
|
bdtask
|
multi-store
|
Stored XSS vulnerability in BDTASK Multi-Store Inventory Management System 1.0 allows a local admin to inject arbitrary code via the Customer Name Field.
|
CWE-79
Cross-site Scripting
|
CVE-2020-36012
|
2024-11-21 14:28 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199332
|
4.8 |
MEDIUM
Network
|
qdocs
|
smart_hospital
|
A cross-site scripting (XSS) issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Rem…
|
CWE-79
Cross-site Scripting
|
CVE-2020-36011
|
2024-11-21 14:28 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199333
|
4.8 |
MEDIUM
Network
|
textpattern
|
textpattern
|
Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Body parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2020-35854
|
2024-11-21 14:28 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199334
|
4.8 |
MEDIUM
Network
|
4homepages
|
4images
|
4images Image Gallery Management System 1.7.11 is affected by cross-site scripting (XSS) in the Image URL. This vulnerability can result in an attacker to inject the XSS payload into the IMAGE URL. E…
|
CWE-79
Cross-site Scripting
|
CVE-2020-35853
|
2024-11-21 14:28 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199335
|
7.8 |
HIGH
Local
|
faststone
|
image_viewer
|
FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x96cf.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-35845
|
2024-11-21 14:28 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199336
|
7.8 |
HIGH
Local
|
faststone
|
image_viewer
|
FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0xbe9c4.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-35844
|
2024-11-21 14:28 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199337
|
5.5 |
MEDIUM
Local
|
faststone
|
image_viewer
|
FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x956e.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-35843
|
2024-11-21 14:28 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199338
|
6.1 |
MEDIUM
Network
|
persis
|
human_resource_management_portal
|
The job posting recommendation form in Persis Human Resource Management Portal (Versions 17.2.00 through 17.2.35 and 19.0.00 through 19.0.20), when the "Recommend job posting" function is enabled, al…
|
CWE-79
Cross-site Scripting
|
CVE-2020-35753
|
2024-11-21 14:28 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199339
|
9.8 |
CRITICAL
Network
|
kaspersky
|
tinycheck
|
In TinyCheck before commits 9fd360d and ea53de8, the installation script of the tool contained hard-coded credentials to the backend part of the tool. This information could be used by an attacker fo…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-35929
|
2024-11-21 14:28 |
2021-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199340
|
7.5 |
HIGH
Network
|
php
fedoraproject
debian
drupal
|
archive_tar
fedora
debian_linux
drupal
|
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
|
CWE-22
CWE-59
Path Traversal
Link Following
|
CVE-2020-36193
|
2024-11-21 14:28 |
2021-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
