|
211521
|
6.1 |
MEDIUM
Adjacent
|
systemd_project
fedoraproject
netapp
|
systemd
fedora
cloud_backup
active_iq_unified_manager
|
An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing att…
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2020-13529
|
2024-11-21 14:01 |
2021-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211522
|
9.8 |
CRITICAL
Network
|
drupal
|
drupal
|
Access bypass vulnerability in Drupal Core allows JSON:API when JSON:API is in read/write mode. Only sites that have the read_only set to FALSE under jsonapi.settings config are vulnerable. This issu…
|
NVD-CWE-noinfo
|
CVE-2020-13665
|
2024-11-21 14:01 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211523
|
6.1 |
MEDIUM
Network
|
drupal
|
drupal
|
Open Redirect vulnerability in Drupal Core allows a user to be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL. This issue affects: Drupal Drupal…
|
CWE-601
Open Redirect
|
CVE-2020-13662
|
2024-11-21 14:01 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211524
|
8.8 |
HIGH
Network
|
drupal
|
drupal
|
Arbitrary PHP code execution vulnerability in Drupal Core under certain circumstances. An attacker could trick an administrator into visiting a malicious site that could result in creating a carefull…
|
CWE-77
Command Injection
|
CVE-2020-13664
|
2024-11-21 14:01 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211525
|
6.1 |
MEDIUM
Network
|
drupal
|
drupal
|
Cross-site scripting vulnerability in Drupal Core. Drupal AJAX API does not disable JSONP by default, allowing for an XSS attack. This issue affects: Drupal Drupal Core 7.x versions prior to 7.73; 8.…
|
CWE-79
Cross-site Scripting
|
CVE-2020-13666
|
2024-11-21 14:01 |
2021-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211526
|
8.8 |
HIGH
Network
|
open-emr
phpgacl_project
|
openemr
phpgacl
|
SQL injection vulnerability exists in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability in admin/edit_gro…
|
CWE-89
SQL Injection
|
CVE-2020-13568
|
2024-11-21 14:01 |
2021-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211527
|
8.8 |
HIGH
Network
|
open-emr
phpgacl_project
|
openemr
phpgacl
|
SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability In admin/edit_gr…
|
CWE-89
SQL Injection
|
CVE-2020-13566
|
2024-11-21 14:01 |
2021-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211528
|
8.8 |
HIGH
Network
|
rukovoditel
|
rukovoditel
|
An exploitable SQL injection vulnerability exists in "global_lists/choices" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attack…
|
CWE-89
SQL Injection
|
CVE-2020-13592
|
2024-11-21 14:01 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211529
|
8.8 |
HIGH
Network
|
rukovoditel
|
rukovoditel
|
An exploitable SQL injection vulnerability exists in the "access_rules/rules_form" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An…
|
CWE-89
SQL Injection
|
CVE-2020-13591
|
2024-11-21 14:01 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211530
|
8.8 |
HIGH
Network
|
rukovoditel
|
rukovoditel
|
An exploitable SQL injection vulnerability exists in the "forms_fields_rules/rules" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. A…
|
CWE-89
SQL Injection
|
CVE-2020-13587
|
2024-11-21 14:01 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
