|
210481
|
5.4 |
MEDIUM
Network
|
bookingcore
|
booking_core
|
Cross Site Scripting (XSS) vulnerability in Booking Core - Ultimate Booking System Booking Core 1.7.0 via the (1) "About Yourself” section under the “My Profile” page, " (2) “Hotel Policy” field unde…
|
CWE-79
Cross-site Scripting
|
CVE-2020-25444
|
2024-11-21 14:17 |
2021-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210482
|
5.4 |
MEDIUM
Network
|
mozilo
|
mozilocms
|
A stored cross site scripting (XSS) vulnerability in moziloCMS 2.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Content" parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2020-25394
|
2024-11-21 14:17 |
2021-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210483
|
5.4 |
MEDIUM
Network
|
cszcms
|
csz_cms
|
A cross site scripting (XSS) vulnerability in CSZ CMS 1.2.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'New Article' field under the 'Article' pl…
|
CWE-79
Cross-site Scripting
|
CVE-2020-25392
|
2024-11-21 14:17 |
2021-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210484
|
5.4 |
MEDIUM
Network
|
cszcms
|
csz_cms
|
A cross site scripting vulnerability in CSZ CMS 1.2.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'New Pages' field under the 'Pages Content' modu…
|
CWE-79
Cross-site Scripting
|
CVE-2020-25391
|
2024-11-21 14:17 |
2021-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210485
|
9.8 |
CRITICAL
Network
|
monstra
|
monstra
|
A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code.
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2020-25414
|
2024-11-21 14:17 |
2021-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210486
|
7.5 |
HIGH
Network
|
online_shopping_alphaware_project
|
online_shopping_alphaware
|
The id paramater in Online Shopping Alphaware 1.0 has been discovered to be vulnerable to an Error-Based blind SQL injection in the /alphaware/details.php path. This allows an attacker to retrieve al…
|
CWE-89
SQL Injection
|
CVE-2020-25362
|
2024-11-21 14:17 |
2021-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210487
|
6.5 |
MEDIUM
Network
|
online_examination_system_project
|
online_examination_system
|
Projectworlds Online Examination System 1.0 is vulnerable to CSRF, which allows a remote attacker to delete the existing user.
|
CWE-352
Origin Validation Error
|
CVE-2020-25411
|
2024-11-21 14:17 |
2021-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210488
|
9.8 |
CRITICAL
Network
|
college_management_system_project
|
college_management_system
|
Projectsworlds College Management System Php 1.0 is vulnerable to SQL injection issues over multiple parameters.
|
CWE-89
SQL Injection
|
CVE-2020-25409
|
2024-11-21 14:17 |
2021-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210489
|
6.5 |
MEDIUM
Network
|
college_management_system_project
|
college_management_system
|
A Cross-Site Request Forgery (CSRF) vulnerability exists in ProjectWorlds College Management System Php 1.0 that allows a remote attacker to modify, delete, or make a new entry of the student, facult…
|
CWE-352
Origin Validation Error
|
CVE-2020-25408
|
2024-11-21 14:17 |
2021-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210490
|
7.5 |
HIGH
Network
|
siemens
|
simatic_net_cp_343-1_advanced_firmware
simatic_net_cp_343-1_lean_firmware
simatic_net_cp_343-1_standard_firmware
|
A vulnerability has been identified in SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Sta…
|
-
|
CVE-2020-25242
|
2024-11-21 14:17 |
2021-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
