|
209041
|
9.8 |
CRITICAL
Network
|
microhardcorp
|
bullet-lte_firmware
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is not required to exploit this vulnerabil…
|
-
|
CVE-2020-17407
|
2024-11-21 14:08 |
2020-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209042
|
8.8 |
HIGH
Network
|
microhardcorp
|
bullet-lte_firmware
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is required to exploit this vulnerability.…
|
-
|
CVE-2020-17406
|
2024-11-21 14:08 |
2020-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209043
|
4.8 |
MEDIUM
Network
|
impresscms
|
impresscms
|
ImpressCMS 1.4.0 is affected by XSS in modules/system/admin.php which may result in arbitrary remote code execution.
|
CWE-79
Cross-site Scripting
|
CVE-2020-17551
|
2024-11-21 14:08 |
2020-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209044
|
9.1 |
CRITICAL
Network
|
get-simple
|
getsimplecms
|
GetSimpleCMS-3.3.15 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /GetSimpleCMS-3.3.15/admin/log.php
|
CWE-22
Path Traversal
|
CVE-2020-18191
|
2024-11-21 14:08 |
2020-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209045
|
9.1 |
CRITICAL
Network
|
bludit
|
bludit
|
Bludit v3.8.1 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /admin/ajax/upload-profile-picture.
|
CWE-22
Path Traversal
|
CVE-2020-18190
|
2024-11-21 14:08 |
2020-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209046
|
9.8 |
CRITICAL
Network
|
pluxml
|
pluxml
|
class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrary PHP code by modify the configuration file in a linux environment.
|
CWE-94
Code Injection
|
CVE-2020-18185
|
2024-11-21 14:08 |
2020-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209047
|
7.2 |
HIGH
Network
|
pluxxml
|
pluxxml
|
In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_edittpl.php allows remote attackers to execute arbitrary PHP code by placing this code into a template.
|
NVD-CWE-noinfo
|
CVE-2020-18184
|
2024-11-21 14:08 |
2020-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209048
|
4.3 |
MEDIUM
Network
|
powerdns
|
authoritative
|
An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialize…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2020-17482
|
2024-11-21 14:08 |
2020-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209049
|
7.5 |
HIGH
Network
|
nec
|
expresscluster_x
|
This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ExpressCluster 4.1. Authentication is not required to exploit this vulnerability. The spe…
|
-
|
CVE-2020-17408
|
2024-11-21 14:08 |
2020-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209050
|
5.4 |
MEDIUM
Network
|
fabbricadigitale
|
multiux
|
A post-authenticated stored XSS was found in MultiUx v.3.1.12.0 via the /multiux/SaveMailbox LastName field.
|
CWE-79
Cross-site Scripting
|
CVE-2020-17458
|
2024-11-21 14:08 |
2020-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
