|
208541
|
4.9 |
MEDIUM
Network
|
phpgurukul
|
hospital_management_system
|
A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a special payload in the 'Doctor Specialization…
|
CWE-89
SQL Injection
|
CVE-2020-26630
|
2024-11-21 14:20 |
2024-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208542
|
9.8 |
CRITICAL
Network
|
phpgurukul
|
hospital_management_system
|
A JQuery Unrestricted Arbitrary File Upload vulnerability was discovered in Hospital Management System V4.0 which allows an unauthenticated attacker to upload any file to the server.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-26629
|
2024-11-21 14:20 |
2024-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208543
|
6.1 |
MEDIUM
Network
|
phpgurukul
|
hospital_management_system
|
A Cross-Site Scripting (XSS) vulnerability was discovered in Hospital Management System V4.0 which allows an attacker to execute arbitrary web scripts or HTML code via a malicious payload appended to…
|
CWE-79
Cross-site Scripting
|
CVE-2020-26628
|
2024-11-21 14:20 |
2024-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208544
|
4.9 |
MEDIUM
Network
|
phpgurukul
|
hospital_management_system
|
A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a crafted payload entered into the 'Admin Remar…
|
CWE-89
SQL Injection
|
CVE-2020-26627
|
2024-11-21 14:20 |
2024-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208545
|
3.8 |
LOW
Network
|
gilacms
|
gila_cms
|
A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and earlier which allows a remote attacker to execute arbitrary web scripts via the 'user_id' parameter after the login portal.
|
CWE-89
SQL Injection
|
CVE-2020-26625
|
2024-11-21 14:20 |
2024-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208546
|
3.8 |
LOW
Network
|
gilacms
|
gila_cms
|
A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and earlier which allows a remote attacker to execute arbitrary web scripts via the ID parameter after the login portal.
|
CWE-89
SQL Injection
|
CVE-2020-26624
|
2024-11-21 14:20 |
2024-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208547
|
3.8 |
LOW
Network
|
gilacms
|
gila_cms
|
SQL Injection vulnerability discovered in Gila CMS 1.15.4 and earlier allows a remote attacker to execute arbitrary web scripts via the Area parameter under the Administration>Widget tab after the lo…
|
CWE-89
SQL Injection
|
CVE-2020-26623
|
2024-11-21 14:20 |
2024-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208548
|
7.5 |
HIGH
Network
|
ethernut
|
nut\/os
|
An issue was discovered in Ethernut Nut/OS 5.1. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attac…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2020-27213
|
2024-11-21 14:20 |
2023-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208549
|
5.5 |
MEDIUM
Local
|
artifex
|
mupdf
|
A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows attackers to obtain sensitive information.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-26683
|
2024-11-21 14:20 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208550
|
7.5 |
HIGH
Network
|
realtek
|
rtl8812au_firmware
|
An issue was discovered in function nl80211_send_chandef in rtl8812au v5.6.4.2 allows attackers to cause a denial of service.
|
NVD-CWE-noinfo
|
CVE-2020-26652
|
2024-11-21 14:20 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
