|
210231
|
9.8 |
CRITICAL
Network
|
solarwinds
|
serv-u_ftp_server
|
SolarWinds Serv-U FTP server before 15.2.1 mishandles the CHMOD command.
|
NVD-CWE-noinfo
|
CVE-2020-15542
|
2024-11-21 14:05 |
2020-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210232
|
9.8 |
CRITICAL
Network
|
solarwinds
|
serv-u_ftp_server
|
SolarWinds Serv-U FTP server before 15.2.1 allows remote command execution.
|
NVD-CWE-noinfo
|
CVE-2020-15541
|
2024-11-21 14:05 |
2020-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210233
|
9.8 |
CRITICAL
Network
|
we-com
|
opendata_cms
|
We-com OpenData CMS 2.0 allows SQL Injection via the username field on the administrator login page.
|
CWE-89
SQL Injection
|
CVE-2020-15540
|
2024-11-21 14:05 |
2020-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210234
|
9.8 |
CRITICAL
Network
|
we-com
|
municipality_portal_cms
|
SQL injection can occur in We-com Municipality portal CMS 2.1.x via the cerca/ keywords field.
|
CWE-89
SQL Injection
|
CVE-2020-15539
|
2024-11-21 14:05 |
2020-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210235
|
6.1 |
MEDIUM
Network
|
we-com
|
municipality_portal_cms
|
XSS can occur in We-com Municipality portal CMS 2.1.x via the cerca/ search bar.
|
CWE-79
Cross-site Scripting
|
CVE-2020-15538
|
2024-11-21 14:05 |
2020-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210236
|
6.1 |
MEDIUM
Network
|
vanguard_project
|
vanguard
|
An issue was discovered in the Vanguard plugin 2.1 for WordPress. XSS can occur via the mails/new title field, a product field to the p/ URI, or the Products Search box.
|
CWE-79
Cross-site Scripting
|
CVE-2020-15537
|
2024-11-21 14:05 |
2020-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210237
|
6.1 |
MEDIUM
Network
|
online_hotel_booking_system_project
|
online_hotel_booking_system
|
An issue was discovered in the bestsoftinc Hotel Booking System Pro plugin through 1.1 for WordPress. Persistent XSS can occur via any of the registration fields.
|
CWE-79
Cross-site Scripting
|
CVE-2020-15536
|
2024-11-21 14:05 |
2020-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210238
|
6.1 |
MEDIUM
Network
|
bestsoftinc
|
car_rental_system
|
An issue was discovered in the bestsoftinc Car Rental System plugin through 1.3 for WordPress. Persistent XSS can occur via any of the registration fields.
|
CWE-79
Cross-site Scripting
|
CVE-2020-15535
|
2024-11-21 14:05 |
2020-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210239
|
7.5 |
HIGH
Network
|
wireshark
opensuse
debian
|
wireshark
leap
debian_linux
|
In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-15466
|
2024-11-21 14:05 |
2020-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210240
|
7.8 |
HIGH
Local
|
valvesoftware
|
steam_client
|
An issue was discovered in Valve Steam Client 2.10.91.91. The installer allows local users to gain NT AUTHORITY\SYSTEM privileges because some parts of %PROGRAMFILES(X86)%\Steam and/or %COMMONPROGRAM…
|
CWE-362
Race Condition
|
CVE-2020-15530
|
2024-11-21 14:05 |
2020-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
