|
208821
|
7.5 |
HIGH
Network
|
iec104_project
|
iec104
|
A segmentation violation in the Iec104_Deal_I function of IEC104 v1.0 allows attackers to cause a denial of service (DOS).
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-18730
|
2024-11-21 14:08 |
2021-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208822
|
7.2 |
HIGH
Network
|
phpmywind
|
phpmywind
|
Unrestricted File Upload in PHPMyWind v5.6 allows remote attackers to execute arbitrary code via the component 'admin/upload_file_do.php'.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-18886
|
2024-11-21 14:08 |
2021-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208823
|
7.2 |
HIGH
Network
|
phpmywind
|
phpmywind
|
Command Injection in PHPMyWind v5.6 allows remote attackers to execute arbitrary code via the "text color" field of the component '/admin/web_config.php'.
|
CWE-77
Command Injection
|
CVE-2020-18885
|
2024-11-21 14:08 |
2021-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208824
|
9.8 |
CRITICAL
Network
|
bludit
|
bludit
|
Unrestricted File Upload in Bludit v3.8.1 allows remote attackers to execute arbitrary code by uploading malicious files via the component 'bl-kereln/ajax/upload-logo.php'.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-18879
|
2024-11-21 14:08 |
2021-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208825
|
5.3 |
MEDIUM
Network
|
skycaiji
|
skycaiji
|
Directory Traversal in Skycaiji v1.3 allows remote attackers to obtain sensitive information via the component 'index.php?m=admin&c=Tool&a=log&file=D%3A%5CphpStudy%5CWWW%5Cindex.php'.
|
CWE-22
Path Traversal
|
CVE-2020-18878
|
2024-11-21 14:08 |
2021-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208826
|
7.5 |
HIGH
Network
|
wuzhicms
|
wuzhicms
|
SQL Injection in Wuzhi CMS v4.1.0 allows remote attackers to obtain sensitive information via the 'flag' parameter in the component '/coreframe/app/order/admin/index.php'.
|
CWE-89
SQL Injection
|
CVE-2020-18877
|
2024-11-21 14:08 |
2021-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208827
|
3.3 |
LOW
Local
|
libexe_project
|
libexe
|
A heap-based buffer overflow in the libexe_io_handle_read_coff_optional_header function of libyal libexe before 20181128. NOTE: the vendor has disputed this as described in libyal/libexe issue 1 on G…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-18900
|
2024-11-21 14:08 |
2021-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208828
|
6.5 |
MEDIUM
Network
|
exiv2
|
exiv2
|
An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2020-18899
|
2024-11-21 14:08 |
2021-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208829
|
6.5 |
MEDIUM
Network
|
exiv2
|
exiv2
|
A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service (DOS) via a crafted file.
|
CWE-674
Uncontrolled Recursion
|
CVE-2020-18898
|
2024-11-21 14:08 |
2021-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208830
|
7.8 |
HIGH
Local
|
libpff_project
|
libpff
|
An use-after-free vulnerability in the libpff_item_tree_create_node function of libyal Libpff before 20180623 allows attackers to cause a denial of service (DOS) or execute arbitrary code via a craft…
|
CWE-416
Use After Free
|
CVE-2020-18897
|
2024-11-21 14:08 |
2021-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
