|
210631
|
6.1 |
MEDIUM
Network
|
sdgc
|
pnpscada
|
PNPSCADA 2.200816204020 allows cross-site scripting (XSS), which can execute arbitrary JavaScript in the victim's browser.
|
CWE-79
Cross-site Scripting
|
CVE-2020-24842
|
2024-11-21 14:16 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210632
|
7.5 |
HIGH
Network
|
issuer_project
|
issuer
|
An integer overflow has been found in the the latest version of Issuer. The total issuedCount can be zero if the parameter is overly large. An attacker can obtain the private key of the owner issued …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-24838
|
2024-11-21 14:16 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210633
|
7.5 |
HIGH
Network
|
zcfees_project
|
zcfees
|
An integer underflow has been found in the latest version of ZCFees. The variables 'currPeriodIdx' and 'lastPeriodExecIdx' are both unsigned integers, and the result of the minus operation may be a n…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2020-24837
|
2024-11-21 14:16 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210634
|
7.5 |
HIGH
Network
|
privateoctopus
|
picoquic
|
picoquic (before 3rd of July 2020) allows attackers to cause a denial of service (infinite loop) via a crafted QUIC frame, related to the picoquic_decode_frames and picoquic_decode_stream_frame funct…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-24944
|
2024-11-21 14:16 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210635
|
8.8 |
HIGH
Network
|
ucopia
|
ucopia_wireless_appliance
|
UCOPIA Wi-Fi appliances 6.0.5 allow authenticated remote attackers to escape the restricted administration shell CLI, and access a shell with admin user rights, via an unprotected less command.
|
CWE-78
OS Command
|
CVE-2020-25036
|
2024-11-21 14:16 |
2021-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210636
|
6.7 |
MEDIUM
Local
|
ucopia
|
express_wireless_appliance
|
UCOPIA Wi-Fi appliances 6.0.5 allow arbitrary code execution with root privileges using chroothole_client's PHP call, a related issue to CVE-2017-11322.
|
NVD-CWE-noinfo
|
CVE-2020-25035
|
2024-11-21 14:16 |
2021-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210637
|
8.2 |
HIGH
Local
|
ucopia
|
ucopia_wireless_appliance
|
UCOPIA Wi-Fi appliances 6.0.5 allow arbitrary code execution with admin user privileges via an escape from a restricted command.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-25037
|
2024-11-21 14:16 |
2021-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210638
|
6.1 |
MEDIUM
Network
|
cutesoft
|
cute_editor
|
Cute Editor for ASP.NET 6.4 is vulnerable to reflected cross-site scripting (XSS) caused by improper validation of user supplied input. A remote attacker could exploit this vulnerability using a spec…
|
CWE-79
Cross-site Scripting
|
CVE-2020-24903
|
2024-11-21 14:16 |
2021-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210639
|
6.1 |
MEDIUM
Network
|
quixplorer_project
|
quixplorer
|
Quixplorer <=2.4.1 is vulnerable to reflected cross-site scripting (XSS) caused by improper validation of user supplied input. A remote attacker could exploit this vulnerability using a specially cra…
|
CWE-79
Cross-site Scripting
|
CVE-2020-24902
|
2024-11-21 14:16 |
2021-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210640
|
6.1 |
MEDIUM
Network
|
krpano
|
krpano
|
The default installation of Krpano Panorama Viewer version <=1.20.8 is vulnerable to Reflected XSS due to insecure remote js load in file viewer/krpano.html, parameter plugin[test].url.
|
CWE-79
Cross-site Scripting
|
CVE-2020-24901
|
2024-11-21 14:16 |
2021-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
