|
201601
|
9.8 |
CRITICAL
Network
|
mobileviewpoint
|
wireless_multiplex_terminal_playout_server
|
The Web Administrative Interface in Mobile Viewpoint Wireless Multiplex Terminal (WMT) Playout Server 20.2.8 and earlier has a default account with a password of "pokon."
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-35338
|
2024-11-21 14:27 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201602
|
7.2 |
HIGH
Network
|
classroombookings
|
classroombookings
|
SQL Injection in Classbooking before 2.4.1 via the username field of a CSV file when adding a new user.
|
CWE-89
SQL Injection
|
CVE-2020-35382
|
2024-11-21 14:27 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201603
|
9.8 |
CRITICAL
Network
|
online_bus_ticket_reservation_project
|
online_bus_ticket_reservation
|
SQL Injection in the login page in Online Bus Ticket Reservation 1.0 allows attackers to execute arbitrary SQL commands and bypass authentication via the username and password fields.
|
CWE-89
SQL Injection
|
CVE-2020-35378
|
2024-11-21 14:27 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201604
|
5.3 |
MEDIUM
Network
|
amazee
|
lagoon
|
The GitLab Webhook Handler in amazee.io Lagoon before 1.12.3 has incorrect access control associated with project deletion.
|
NVD-CWE-noinfo
|
CVE-2020-35236
|
2024-11-21 14:27 |
2020-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201605
|
8.8 |
HIGH
Network
|
themexa
|
secure_file_manager
|
vendor/elfinder/php/connector.minimal.php in the secure-file-manager plugin through 2.5 for WordPress loads elFinder code without proper access control. Thus, any authenticated user can run the elFin…
|
NVD-CWE-noinfo
|
CVE-2020-35235
|
2024-11-21 14:27 |
2020-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201606
|
7.5 |
HIGH
Network
|
wp-ecommerce
|
easy_wp_smtp
|
The easy-wp-smtp plugin before 1.4.4 for WordPress allows Administrator account takeover, as exploited in the wild in December 2020. If an attacker can list the wp-content/plugins/easy-wp-smtp/ direc…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-35234
|
2024-11-21 14:27 |
2020-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201607
|
- |
|
-
|
-
|
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.
|
-
|
CVE-2020-35165
|
2024-11-21 14:26 |
2024-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201608
|
7.5 |
HIGH
Network
|
facuet
|
ryu
|
An issue was discovered in OFPQueueGetConfigReply in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop).
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-35141
|
2024-11-21 14:26 |
2023-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201609
|
7.5 |
HIGH
Network
|
facuet
|
ryu
|
An issue was discovered in OFPBundleCtrlMsg in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop).
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-35139
|
2024-11-21 14:26 |
2023-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201610
|
9.8 |
CRITICAL
Network
|
dell
oracle
|
bsafe_micro-edition-suite
bsafe_crypto-c-micro-edition
http_server
security_service
database
weblogic_server_proxy_plug-in
|
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Improper Input Validation Vulnerability.
|
CWE-20
Improper Input Validation
|
CVE-2020-35169
|
2024-11-21 14:26 |
2022-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
