|
210941
|
7.5 |
HIGH
Network
|
joyplus-cms_project
|
joyplus-cms
|
SQL injection vulnerability found in Joyplus-cms v.1.6.0 allows a remote attacker to access sensitive information via the id parameter of the goodbad() function.
|
CWE-89
SQL Injection
|
CVE-2020-20636
|
2024-11-21 14:12 |
2023-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210942
|
6.5 |
MEDIUM
Network
|
yzmcms
|
yzmcms
|
Cross Site Request Forgery found in yzCMS v.2.0 allows a remote attacker to execute arbitrary code via the token check function.
|
CWE-352
Origin Validation Error
|
CVE-2020-20502
|
2024-11-21 14:12 |
2023-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210943
|
7.2 |
HIGH
Network
|
opencart
|
opencart
|
SQL injection vulnerability in OpenCart v.2.2.00 thru 3.0.3.2 allows a remote attacker to execute arbitrary code via the Fba plugin function in upload/admin/index.php.
|
CWE-89
SQL Injection
|
CVE-2020-20491
|
2024-11-21 14:12 |
2023-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210944
|
9.8 |
CRITICAL
Network
|
wuzhicms
|
wuzhicms
|
SQL injection vulnerability found in WUZHICMS v.4.1.0 allows a remote attacker to execute arbitrary code via the checktitle() function in admin/content.php.
|
CWE-89
SQL Injection
|
CVE-2020-20413
|
2024-11-21 14:12 |
2023-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210945
|
7.5 |
HIGH
Network
|
kilo_project
|
kilo
|
Buffer Overflow vulnerability in Antirez Kilo before commit 7709a04ae8520c5b04d261616098cebf742f5a23 allows a remote attacker to cause a denial of service via the editorUpdateRow function in kilo.c.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-20335
|
2024-11-21 14:12 |
2023-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210946
|
6.1 |
MEDIUM
Network
|
typecho
|
typecho
|
Open redirect vulnerability in typecho 1.1-17.10.30-release via the referer parameter to Login.php.
|
CWE-601
Open Redirect
|
CVE-2020-21038
|
2024-11-21 14:12 |
2023-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210947
|
6.1 |
MEDIUM
Network
|
hongcms_project
|
hongcms
|
Cross Site Scripting (XSS) vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via the callback parameter to /ajax/myshop.
|
CWE-79
Cross-site Scripting
|
CVE-2020-21643
|
2024-11-21 14:12 |
2023-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210948
|
8.8 |
HIGH
Network
|
fluentd
|
fluentd-ui
fluentd
|
An issue was discovered in Fluent Fluentd v.1.8.0 and Fluent-ui v.1.2.2 allows attackers to gain escalated privileges and execute arbitrary code due to a default password.
|
NVD-CWE-noinfo
|
CVE-2020-21514
|
2024-11-21 14:12 |
2023-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210949
|
9.6 |
CRITICAL
Network
|
netgate
|
pfsense
pfsense_acme_package
|
Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows attackers to execute arbitrary code via the RootFolder field of acme_certificates.php.
|
CWE-79
Cross-site Scripting
|
CVE-2020-21487
|
2024-11-21 14:12 |
2023-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210950
|
8.8 |
HIGH
Network
|
phpmywind
|
phpmywind
|
SQL injection vulnerability found in PHPMyWind v.5.6 allows a remote attacker to gain privileges via the delete function of the administrator management page.
|
CWE-89
SQL Injection
|
CVE-2020-21060
|
2024-11-21 14:12 |
2023-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
