|
222851
|
6.1 |
MEDIUM
Network
|
gvectors
|
wpforo
|
The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases langid parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-19111
|
2024-11-21 13:34 |
2020-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222852
|
4.8 |
MEDIUM
Network
|
gvectors
|
wpforo
|
The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases s parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-19110
|
2024-11-21 13:34 |
2020-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222853
|
8.8 |
HIGH
Network
|
gvectors
|
wpforo
|
The wpForo plugin 1.6.5 for WordPress allows wp-admin/admin.php?page=wpforo-usergroups CSRF.
|
CWE-352
Origin Validation Error
|
CVE-2019-19109
|
2024-11-21 13:34 |
2020-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222854
|
4.6 |
MEDIUM
Physics
|
huawei
|
alp-al00b_firmware
alp-l09_firmware
alp-l29_firmware
anne-al00_firmware
bla-al00b_firmware
bla-l09c_firmware
bla-l29c_firmware
berkeley-al20_firmware
berkeley-l09_firmware
…
|
Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the …
|
NVD-CWE-noinfo
|
CVE-2019-19412
|
2024-11-21 13:34 |
2020-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222855
|
6.1 |
MEDIUM
Network
|
wowza
|
streaming_engine
|
A Reflected XSS was found in the server selection box inside the login page at: enginemanager/loginfailed.html in Wowza Streaming Engine <= 4.x.x. This issue was resolved in Wowza Streaming Engine 4.…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19456
|
2024-11-21 13:34 |
2020-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222856
|
7.5 |
HIGH
Network
|
wowza
|
streaming_engine
|
An arbitrary file download was found in the "Download Log" functionality of Wowza Streaming Engine <= 4.x.x. This issue was resolved in Wowza Streaming Engine 4.8.0.
|
NVD-CWE-noinfo
|
CVE-2019-19454
|
2024-11-21 13:34 |
2020-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222857
|
7.8 |
HIGH
Local
|
tobesoft
|
xplatform
|
A use-after-free vulnerability in the TOBESOFT XPLATFORM versions 9.1 to 9.2.2 may lead to code execution on a system running it.
|
CWE-416
Use After Free
|
CVE-2019-19162
|
2024-11-21 13:34 |
2020-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222858
|
8.8 |
HIGH
Network
|
raonwiz
|
dext5
|
dext5.ocx ActiveX Control in Dext5 Upload 5.0.0.112 and earlier versions contains a vulnerability that could allow remote files to be executed by setting the arguments to the activex method. A remote…
|
NVD-CWE-noinfo
|
CVE-2019-19164
|
2024-11-21 13:34 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222859
|
9.8 |
CRITICAL
Network
|
raonwiz
|
dext5
|
Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download arbitrary file by setting the arguments to the activex method. This can be leve…
|
NVD-CWE-noinfo
|
CVE-2019-19169
|
2024-11-21 13:34 |
2020-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222860
|
9.8 |
CRITICAL
Network
|
raonwiz
|
dext5
|
Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex metho…
|
NVD-CWE-noinfo
|
CVE-2019-19168
|
2024-11-21 13:34 |
2020-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
