|
194601
|
4.8 |
MEDIUM
Network
|
get-simple
|
getsimplecms
|
Cross Site Scripting vulnerability in GetSimpleCMS 3.3.16 in admin/upload.php by adding comments or jpg and other file header information to the content of xla, pages, and gzip files,
|
CWE-79
Cross-site Scripting
|
CVE-2021-28977
|
2024-11-21 15:00 |
2021-06-23 |
|
|
|
|
194602
|
7.2 |
HIGH
Network
|
get-simple
|
getsimplecms
|
Remote Code Execution vulnerability in GetSimpleCMS before 3.3.16 in admin/upload.php via phar files.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2021-28976
|
2024-11-21 15:00 |
2021-06-23 |
|
|
|
|
194603
|
7.5 |
HIGH
Network
|
synology
|
diskstation_manager diskstation_manager_unified_controller
|
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to …
|
-
|
CVE-2021-29087
|
2024-11-21 15:00 |
2021-06-23 |
|
|
|
|
194604
|
7.5 |
HIGH
Network
|
synology
|
diskstation_manager diskstation_manager_unified_controller
|
Exposure of sensitive information to an unauthorized actor vulnerability in webapi component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to obtain sensitive inf…
|
CWE-200
Information Exposure
|
CVE-2021-29086
|
2024-11-21 15:00 |
2021-06-23 |
|
|
|
|
194605
|
7.5 |
HIGH
Network
|
synology
|
diskstation_manager diskstation_manager_unified_controller
|
Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in file sharing management component in Synology DiskStation Manager (DSM) before 6.2.…
|
-
|
CVE-2021-29085
|
2024-11-21 15:00 |
2021-06-23 |
|
|
|
|
194606
|
7.5 |
HIGH
Network
|
synology
|
diskstation_manager diskstation_manager_unified_controller
|
Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in Security Advisor report management component in Synology DiskStation Manager (DSM) …
|
-
|
CVE-2021-29084
|
2024-11-21 15:00 |
2021-06-23 |
|
|
|
|
194607
|
7.5 |
HIGH
Network
|
mpmath fedoraproject
|
mpmath fedora
|
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Mpmath v1.0.0 through v1.2.1 when the mpmathify function is called.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-29063
|
2024-11-21 15:00 |
2021-06-22 |
|
|
|
|
194608
|
7.5 |
HIGH
Network
|
vfsjfilechooser2_project
|
vfsjfilechooser2
|
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Vfsjfilechooser2 version 0.2.9 and below which occurs when the application attempts to validate crafted URIs.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-29061
|
2024-11-21 15:00 |
2021-06-22 |
|
|
|
|
194609
|
5.3 |
MEDIUM
Network
|
color-string_project
|
color-string
|
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB stri…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-29060
|
2024-11-21 15:00 |
2021-06-22 |
|
|
|
|
194610
|
7.5 |
HIGH
Network
|
is-svg_project
|
is-svg
|
A vulnerability was discovered in IS-SVG version 2.1.0 to 4.2.2 and below where a Regular Expression Denial of Service (ReDOS) occurs if the application is provided and checks a crafted invalid SVG s…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-29059
|
2024-11-21 15:00 |
2021-06-22 |
|
|
|