|
208271
|
6.5 |
MEDIUM
Network
|
jetbrains
|
ktor
|
In JetBrains Ktor before 1.4.1, HTTP request smuggling was possible.
|
CWE-444
HTTP Request Smuggling
|
CVE-2020-26129
|
2024-11-21 14:19 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208272
|
9.8 |
CRITICAL
Network
|
user_registration_\&_login_and_user_management_system_project
|
user_registration_\&_login_and_user_management_system
|
SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System With admin panel 2.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication.
|
CWE-89
SQL Injection
|
CVE-2020-25952
|
2024-11-21 14:19 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208273
|
6.5 |
MEDIUM
Network
|
spreecommerce
|
spree
|
Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. …
|
-
|
CVE-2020-26223
|
2024-11-21 14:19 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208274
|
5.3 |
MEDIUM
Network
|
radarcovid
|
radar-covid-backend-dp3t-server
radarcovid
|
Radar COVID is the official COVID-19 exposure notification app for Spain. In affected versions of Radar COVID, identification and de-anonymization of COVID-19 positive users that upload Radar COVID T…
|
-
|
CVE-2020-26230
|
2024-11-21 14:19 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208275
|
8.8 |
HIGH
Network
|
dependabot_project
|
dependabot
|
Dependabot is a set of packages for automated dependency management for Ruby, JavaScript, Python, PHP, Elixir, Rust, Java, .NET, Elm and Go. In Dependabot-Core from version 0.119.0.beta1 before versi…
|
-
|
CVE-2020-26222
|
2024-11-21 14:19 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208276
|
6.1 |
MEDIUM
Network
|
touchbase.ai_project
|
touchbase.ai
|
touchbase.ai before version 2.0 is vulnerable to Cross-Site Scripting (XSS). The vulnerability allows an attacker to send malicious JavaScript code which could result in hijacking of the user's cooki…
|
-
|
CVE-2020-26221
|
2024-11-21 14:19 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208277
|
3.5 |
LOW
Network
|
touchbase.ai_project
|
touchbase.ai
|
toucbase.ai before version 2.0 leaks information by not stripping exif data from images. Anyone with access to the uploaded image of other users could obtain its geolocation, device, and software ver…
|
-
|
CVE-2020-26220
|
2024-11-21 14:19 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208278
|
6.1 |
MEDIUM
Network
|
touchbase.ai_project
|
touchbase.ai
|
touchbase.ai before version 2.0 is vulnerable to Open Redirect. Impacts can be many, and vary from theft of information and credentials, to the redirection to malicious websites containing attacker-c…
|
-
|
CVE-2020-26219
|
2024-11-21 14:19 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208279
|
6.1 |
MEDIUM
Network
|
touchbase.ai_project
|
touchbase.ai
|
touchbase.ai before version 2.0 is vulnerable to Cross-Site Scripting. The vulnerability allows an attacker to inject HTML payloads which could result in defacement, user redirection to a malicious w…
|
-
|
CVE-2020-26218
|
2024-11-21 14:19 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208280
|
8.6 |
HIGH
Network
|
cisco
|
ios_xr
|
A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a de…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2020-26070
|
2024-11-21 14:19 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
