|
208911
|
7.8 |
HIGH
Local
|
irfanview
|
irfanview
|
IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a "Data from Faulting Address is used as one or more arguments in…
|
NVD-CWE-noinfo
|
CVE-2020-23546
|
2024-11-21 14:13 |
2021-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208912
|
6.1 |
MEDIUM
Network
|
hznuoj_project
|
hznuoj
|
A cross-site scripting (XSS) vulnerability was discovered in the OJ/admin-tool /cal_scores.php function of HZNUOJ v1.0.
|
CWE-79
Cross-site Scripting
|
CVE-2020-22312
|
2024-11-21 14:13 |
2021-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208913
|
6.1 |
MEDIUM
Network
|
froala
|
froala_editor
|
A cross site scripting (XSS) vulnerability in the Insert Video function of Froala WYSIWYG Editor 3.1.0 allows attackers to execute arbitrary web scripts or HTML.
|
CWE-79
Cross-site Scripting
|
CVE-2020-22864
|
2024-11-21 14:13 |
2021-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208914
|
7.5 |
HIGH
Network
|
dropouts
|
super_backup
|
Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contain an issue in the path parameter of the `list` and `download` module which allows attackers to perform a directory traversal via …
|
CWE-22
Path Traversal
|
CVE-2020-23061
|
2024-11-21 14:13 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208915
|
7.1 |
HIGH
Local
|
tonec
|
internet_download_manager
|
Internet Download Manager 6.37.11.1 was discovered to contain a stack buffer overflow in the Export/Import function. This vulnerability allows attackers to escalate local process privileges via a cra…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-23060
|
2024-11-21 14:13 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208916
|
4.6 |
MEDIUM
Physics
|
file_explorer_project
|
file_explorer
|
An issue in the authentication mechanism in Nong Ge File Explorer v1.4 unauthenticated allows to access sensitive data.
|
CWE-287
Improper Authentication
|
CVE-2020-23058
|
2024-11-21 14:13 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208917
|
5.4 |
MEDIUM
Network
|
lancom-systems
|
lcos
|
ANCOM WLAN Controller (Wireless Series & Hotspot) WLC-1000 & WLC-4006 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the /authen/start/ module via the userid and pas…
|
CWE-79
Cross-site Scripting
|
CVE-2020-23055
|
2024-11-21 14:13 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208918
|
6.1 |
MEDIUM
Network
|
user-agent_switcher_and_manager_project
|
user-agent_switcher_and_manager
|
A cross-site scripting (XSS) vulnerability in NSK User Agent String Switcher Service v0.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the user agent input fie…
|
CWE-79
Cross-site Scripting
|
CVE-2020-23054
|
2024-11-21 14:13 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208919
|
5.4 |
MEDIUM
Network
|
catalyst
|
mahara
|
Catalyst IT Ltd Mahara CMS v19.10.2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component groupfiles.php via the Number (Nombre) and Description (Descripción)…
|
CWE-79
Cross-site Scripting
|
CVE-2020-23052
|
2024-11-21 14:13 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208920
|
6.1 |
MEDIUM
Network
|
user_registration_\&_login_and_user_management_system_with_admin_panel_project
|
user_registration_\&_login_and_user_management_system_with_admin_panel
|
Phpgurukul User Registration & User Management System v2.0 was discovered to contain multiple stored cross-site scripting (XSS) vulnerabilities via the firstname and lastname parameters of the regist…
|
CWE-79
Cross-site Scripting
|
CVE-2020-23051
|
2024-11-21 14:13 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
