|
210551
|
6.5 |
MEDIUM
Network
|
arista
|
cloudvision_portal
|
A vulnerability in Arista’s CloudVision Portal (CVP) prior to 2020.2 allows users with “read-only” or greater access rights to the Configlet Management module to download files not intended for acces…
|
NVD-CWE-noinfo
|
CVE-2020-24333
|
2024-11-21 14:14 |
2020-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210552
|
7.2 |
HIGH
Network
|
titanhq
|
spamtitan
|
A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. This re…
|
CWE-269
Improper Privilege Management
|
CVE-2020-24046
|
2024-11-21 14:14 |
2020-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210553
|
7.2 |
HIGH
Network
|
titanhq
|
spamtitan
|
A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. The res…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2020-24045
|
2024-11-21 14:14 |
2020-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210554
|
9.6 |
CRITICAL
Network
|
free
|
freebox_revolution_firmware
freebox_mini_firmware
freebox_one_firmware
freebox_delta_firmware
freebox_pop_firmware
|
A DNS rebinding vulnerability in the Freebox OS web interface in Freebox Server before 4.2.3.
|
CWE-20
Improper Input Validation
|
CVE-2020-24377
|
2024-11-21 14:14 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210555
|
9.6 |
CRITICAL
Network
|
free
|
freebox_revolution_firmware
freebox_mini_firmware
freebox_one_firmware
freebox_delta_firmware
freebox_pop_firmware
|
A DNS rebinding vulnerability in the UPnP IGD implementations in Freebox v5 before 1.5.29 and Freebox Server before 4.2.3.
|
CWE-20
Improper Input Validation
|
CVE-2020-24376
|
2024-11-21 14:14 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210556
|
9.6 |
CRITICAL
Network
|
free
|
freebox_hd_firmware
|
A DNS rebinding vulnerability in Freebox v5 before 1.5.29.
|
CWE-20
Improper Input Validation
|
CVE-2020-24374
|
2024-11-21 14:14 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210557
|
8.8 |
HIGH
Network
|
free
|
freebox_revolution_firmware
freebox_mini_firmware
freebox_one_firmware
freebox_delta_firmware
freebox_pop_firmware
|
A CSRF vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3.
|
CWE-352
Origin Validation Error
|
CVE-2020-24373
|
2024-11-21 14:14 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210558
|
9.8 |
CRITICAL
Network
|
projectworlds
|
house_rental
|
Projectworlds House Rental v1.0 suffers from an unauthenticated SQL Injection vulnerability, allowing remote attackers to execute arbitrary code on the hosting webserver via a malicious index.php POS…
|
CWE-89
SQL Injection
|
CVE-2020-23833
|
2024-11-21 14:14 |
2020-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210559
|
9.8 |
CRITICAL
Network
|
online_course_registration_project
|
online_course_registration
|
A File Upload vulnerability in SourceCodester Online Course Registration v1.0 allows remote attackers to achieve Remote Code Execution (RCE) on the hosting webserver by uploading a crafted PHP web-sh…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-23828
|
2024-11-21 14:14 |
2020-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210560
|
9.1 |
CRITICAL
Network
|
trendmicro
|
serverprotect
|
A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system. An attacker must first obtain admin/root privileg…
|
CWE-77
Command Injection
|
CVE-2020-24561
|
2024-11-21 14:14 |
2020-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
