|
200201
|
4.8 |
MEDIUM
Network
|
groupsession
|
groupsession_zion
groupsession_bycloud
groupsession
|
Cross-site scripting vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and …
|
CWE-79
Cross-site Scripting
|
CVE-2021-20785
|
2024-11-21 14:47 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200202
|
8.8 |
HIGH
Network
|
softbank
|
optical_bb_unit_e-wmta_firmware
|
Cross-site request forgery (CSRF) vulnerability in Optical BB unit E-WMTA2.3 allows a remote attacker to hijack the authentication of administrators via a specially crafted page.
|
CWE-352
Origin Validation Error
|
CVE-2021-20783
|
2024-11-21 14:47 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200203
|
6.1 |
MEDIUM
Network
|
voidtools
|
everything
|
HTTP header injection vulnerability in Everything all versions except the Lite version may allow a remote attacker to inject an arbitrary script or alter the website that uses the product via unspeci…
|
NVD-CWE-Other
|
CVE-2021-20784
|
2024-11-21 14:47 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200204
|
8.8 |
HIGH
Network
|
tipsandtricks-hq
|
software_license_manager
|
Cross-site request forgery (CSRF) vulnerability in Software License Manager versions prior to 4.4.6 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2021-20782
|
2024-11-21 14:47 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200205
|
8.8 |
HIGH
Network
|
pluginus
|
wordpress_meta_data_and_taxonomies_filter
|
Cross-site request forgery (CSRF) vulnerability in WordPress Meta Data Filter & Taxonomies Filter versions prior to v.1.2.8 and versions prior to v.2.2.8 allows remote attackers to hijack the authent…
|
CWE-352
Origin Validation Error
|
CVE-2021-20781
|
2024-11-21 14:47 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200206
|
7.5 |
HIGH
Network
|
retty
|
retty
|
Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an exte…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2021-20748
|
2024-11-21 14:47 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200207
|
4.3 |
MEDIUM
Network
|
retty
|
retty
|
Improper authorization in handler for custom URL scheme vulnerability in Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 allows a remote attacker to lea…
|
CWE-862
Missing Authorization
|
CVE-2021-20747
|
2024-11-21 14:47 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200208
|
8.8 |
HIGH
Network
|
wp-currency
|
wordpress_currency_switcher
|
Cross-site request forgery (CSRF) vulnerability in WPCS - WordPress Currency Switcher 1.1.6 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2021-20780
|
2024-11-21 14:47 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200209
|
8.8 |
HIGH
Network
|
codemiq
|
wordpress_email_template_designer
|
Cross-site request forgery (CSRF) vulnerability in WordPress Email Template Designer - WP HTML Mail versions prior to 3.0.8 allows remote attackers to hijack the authentication of administrators via …
|
CWE-352
Origin Validation Error
|
CVE-2021-20779
|
2024-11-21 14:47 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200210
|
4.3 |
MEDIUM
Network
|
gu-global
|
gu
|
Improper authorization in handler for custom URL scheme vulnerability in GU App for Android versions from 4.8.0 to 5.0.2 allows a remote attacker to lead a user to access an arbitrary website via the…
|
CWE-862
Missing Authorization
|
CVE-2021-20777
|
2024-11-21 14:47 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
