|
208821
|
7.5 |
HIGH
Network
|
emlog
|
emlog
|
*File Upload vulnerability found in Emlog EmlogCMS v.6.0.0 allows a remote attacker to gain access to sensitive information via the /admin/plugin.php function.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-19028
|
2024-11-21 14:08 |
2023-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208822
|
6.1 |
MEDIUM
Network
|
md_project
|
md
|
Cross Site Scripting vulnerability found in Phodal CMD v.1.0 allows a local attacker to execute arbitrary code via the EMBED SRC function.
|
CWE-79
Cross-site Scripting
|
CVE-2020-18280
|
2024-11-21 14:08 |
2023-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208823
|
6.1 |
MEDIUM
Network
|
5none
|
nonecms
|
Cross-site scripting (XSS) vulnerability in NoneCms 1.3.0 allows remote attackers to inject arbitrary web script or HTML via feedback feature.
|
CWE-79
Cross-site Scripting
|
CVE-2020-18282
|
2024-11-21 14:08 |
2023-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208824
|
4.8 |
MEDIUM
Network
|
mipcms
|
mipcms
|
Cross Site Scripting (XSS) vulnerability in MIPCMS 3.6.0 allows attackers to execute arbitrary code via the category name field to categoryEdit.
|
CWE-79
Cross-site Scripting
|
CVE-2020-18132
|
2024-11-21 14:08 |
2023-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208825
|
8.8 |
HIGH
Network
|
clanscripts_project
|
clanscripts
|
Cross Site Request Forgery (CSRF) vulnerability in Bluethrust Clan Scripts v4 allows attackers to escilate privledges to an arbitrary account via a crafted request to /members/console.php?cID=5.
|
CWE-352
Origin Validation Error
|
CVE-2020-18131
|
2024-11-21 14:08 |
2023-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208826
|
9.1 |
CRITICAL
Network
|
chinamobileltd
|
gpn2.4p21-c-cn_firmware
|
Directory traversal vulnerability in ChinaMobile PLC Wireless Router model GPN2.4P21-C-CN running the firmware version W2000EN-01(hardware platform Gpn2.4P21-C_WIFI-V0.05), via the getpage parameter …
|
CWE-22
Path Traversal
|
CVE-2020-18331
|
2024-11-21 14:08 |
2023-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208827
|
9.1 |
CRITICAL
Network
|
chinamobileltd
|
gpn2.4p21-c-cn_firmware
|
An issue was discovered in the default configuration of ChinaMobile PLC Wireless Router model GPN2.4P21-C-CN running the firmware version W2000EN-01(hardware platform Gpn2.4P21-C_WIFI-V0.05), allows …
|
CWE-22
Path Traversal
|
CVE-2020-18330
|
2024-11-21 14:08 |
2023-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208828
|
7.5 |
HIGH
Network
|
carel
|
pcoweb_card_web
pcoweb_card_boot
pcoweb_card_bios
|
An issue was discovered in Rehau devices that use a pCOWeb card BIOS v6.27, BOOT v5.00, web version v2.2, allows attackers to gain full unauthenticated access to the configuration and service interfa…
|
CWE-281
Improper Preservation of Permissions
|
CVE-2020-18329
|
2024-11-21 14:08 |
2023-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208829
|
6.1 |
MEDIUM
Network
|
alfresco
|
alfresco
|
Cross Site Scripting (XSS) vulnerability exists in Alfresco Alfresco Community Edition v5.2.0 via the action parameter in the alfresco/s/admin/admin-nodebrowser API. Fixed in v6.2
|
CWE-79
Cross-site Scripting
|
CVE-2020-18327
|
2024-11-21 14:08 |
2022-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208830
|
8.8 |
HIGH
Network
|
intelliants
|
subrion_cms
|
Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an author…
|
CWE-352
Origin Validation Error
|
CVE-2020-18326
|
2024-11-21 14:08 |
2022-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
