|
210581
|
5.9 |
MEDIUM
Network
|
yubico
|
yubikey_5_nfc_firmware
|
A PIN management problem was discovered on Yubico YubiKey 5 devices 5.2.0 to 5.2.6. OpenPGP has three passwords: Admin PIN, Reset Code, and User PIN. The Reset Code is used to reset the User PIN, but…
|
NVD-CWE-Other
|
CVE-2020-15000
|
2024-11-21 14:04 |
2020-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210582
|
5.4 |
MEDIUM
Network
|
phplist
|
phplist
|
An issue was discovered in phpList through 3.5.4. An XSS vulnerability occurs within the Import Administrators section via upload of an edited text document. This also affects the Subscriber Lists se…
|
CWE-79
Cross-site Scripting
|
CVE-2020-15073
|
2024-11-21 14:04 |
2020-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210583
|
8.8 |
HIGH
Network
|
phplist
|
phplist
|
An issue was discovered in phpList through 3.5.4. An error-based SQL Injection vulnerability exists via the Import Administrators section.
|
CWE-89
SQL Injection
|
CVE-2020-15072
|
2024-11-21 14:04 |
2020-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210584
|
7.5 |
HIGH
Network
|
connectwise
|
connectwise_automate
|
A SQLi exists in the probe code of all Connectwise Automate versions before 2020.7 or 2019.12. A SQL Injection in the probe implementation to save data to a custom table exists due to inadequate serv…
|
CWE-89
SQL Injection
|
CVE-2020-15008
|
2024-11-21 14:04 |
2020-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210585
|
4.4 |
MEDIUM
Local
|
npmjs
opensuse
fedoraproject
|
npm
leap
fedora
|
Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like "<protocol>://[<user>[:<password>]@]<hostname>[:<port>][:…
|
-
|
CVE-2020-15095
|
2024-11-21 14:04 |
2020-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210586
|
5.4 |
MEDIUM
Network
|
nedi
|
nedi
|
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Map.php hde parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2020-15035
|
2024-11-21 14:04 |
2020-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210587
|
5.4 |
MEDIUM
Network
|
nedi
|
nedi
|
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Setup.php tet parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2020-15034
|
2024-11-21 14:04 |
2020-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210588
|
5.4 |
MEDIUM
Network
|
nedi
|
nedi
|
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the snmpget.php ip parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2020-15033
|
2024-11-21 14:04 |
2020-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210589
|
5.4 |
MEDIUM
Network
|
nedi
|
nedi
|
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Incidents.php id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2020-15032
|
2024-11-21 14:04 |
2020-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210590
|
5.4 |
MEDIUM
Network
|
nedi
|
nedi
|
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Assets-Management.php chg parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2020-15031
|
2024-11-21 14:04 |
2020-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
