|
194441
|
8.8 |
HIGH
Network
|
phpgurukul
|
student_record_system
|
SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the cid parameter to edit-course.php.
|
CWE-89
SQL Injection
|
CVE-2021-26762
|
2024-11-21 14:56 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194442
|
7.1 |
HIGH
Local
|
ninjarmm
|
ninjarmm
|
The Agent in NinjaRMM 5.0.909 has Insecure Permissions.
|
CWE-276
Incorrect Default Permissions
|
CVE-2021-26274
|
2024-11-21 14:56 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194443
|
7.8 |
HIGH
Local
|
ninjarmm
|
ninjarmm
|
The Agent in NinjaRMM 5.0.909 has Incorrect Access Control.
|
CWE-863
Incorrect Authorization
|
CVE-2021-26273
|
2024-11-21 14:56 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194444
|
5.5 |
MEDIUM
Local
|
hpe
|
oneview_global_dashboard
|
A potential vulnerability has been identified in HPE OneView Global Dashboard release 2.31 which could lead to a local disclosure of privileged information. HPE has provided an update to OneView Glob…
|
NVD-CWE-noinfo
|
CVE-2021-26585
|
2024-11-21 14:56 |
2021-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194445
|
9.8 |
CRITICAL
Network
|
apache
|
nuttx
|
Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resulti…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2021-26461
|
2024-11-21 14:56 |
2021-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194446
|
6.1 |
MEDIUM
Network
|
zettlr
|
zettlr
|
No filtering of cross-site scripting (XSS) payloads in the markdown-editor in Zettlr 1.8.7 allows attackers to perform remote code execution via a crafted file.
|
CWE-79
Cross-site Scripting
|
CVE-2021-26835
|
2024-11-21 14:56 |
2021-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194447
|
5.4 |
MEDIUM
Network
|
znote
|
znote
|
A cross-site scripting (XSS) vulnerability exists in Znote 0.5.2. An attacker can insert payloads, and the code execution will happen immediately on markdown view mode.
|
CWE-79
Cross-site Scripting
|
CVE-2021-26834
|
2024-11-21 14:56 |
2021-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194448
|
7.5 |
HIGH
Network
|
hitachienergy
|
esoms
|
Information Exposure vulnerability in Hitachi ABB Power Grids eSOMS allows unauthorized user to gain access to report data if the URL used to access the report is discovered. This issue affects: Hita…
|
CWE-863
Incorrect Authorization
|
CVE-2021-26845
|
2024-11-21 14:56 |
2021-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194449
|
5.4 |
MEDIUM
Network
|
openplcproject
|
scadabr
|
OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows stored XSS via system_settings.shtm.
|
CWE-79
Cross-site Scripting
|
CVE-2021-26829
|
2024-11-21 14:56 |
2021-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194450
|
8.8 |
HIGH
Network
|
openplcproject
|
scadabr
|
OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2021-26828
|
2024-11-21 14:56 |
2021-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
