|
210751
|
8.2 |
HIGH
Local
|
ucopia
|
ucopia_wireless_appliance
|
UCOPIA Wi-Fi appliances 6.0.5 allow arbitrary code execution with admin user privileges via an escape from a restricted command.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-25037
|
2024-11-21 14:16 |
2021-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210752
|
6.1 |
MEDIUM
Network
|
cutesoft
|
cute_editor
|
Cute Editor for ASP.NET 6.4 is vulnerable to reflected cross-site scripting (XSS) caused by improper validation of user supplied input. A remote attacker could exploit this vulnerability using a spec…
|
CWE-79
Cross-site Scripting
|
CVE-2020-24903
|
2024-11-21 14:16 |
2021-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210753
|
6.1 |
MEDIUM
Network
|
quixplorer_project
|
quixplorer
|
Quixplorer <=2.4.1 is vulnerable to reflected cross-site scripting (XSS) caused by improper validation of user supplied input. A remote attacker could exploit this vulnerability using a specially cra…
|
CWE-79
Cross-site Scripting
|
CVE-2020-24902
|
2024-11-21 14:16 |
2021-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210754
|
6.1 |
MEDIUM
Network
|
krpano
|
krpano
|
The default installation of Krpano Panorama Viewer version <=1.20.8 is vulnerable to Reflected XSS due to insecure remote js load in file viewer/krpano.html, parameter plugin[test].url.
|
CWE-79
Cross-site Scripting
|
CVE-2020-24901
|
2024-11-21 14:16 |
2021-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210755
|
6.1 |
MEDIUM
Network
|
krpano
|
krpano
|
The default installation of Krpano Panorama Viewer version <=1.20.8 is prone to Reflected XSS due to insecure XML load in file /viewer/krpano.html, parameter xml.
|
CWE-79
Cross-site Scripting
|
CVE-2020-24900
|
2024-11-21 14:16 |
2021-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210756
|
9.8 |
CRITICAL
Network
|
kyland
|
kps2204_6_port_managed_din-rail_programmable_serial_device_firmware
|
A sensitive information disclosure vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to get username and pa…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-25011
|
2024-11-21 14:16 |
2020-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210757
|
9.8 |
CRITICAL
Network
|
kyland
|
kps2204_6_port_managed_din-rail_programmable_serial_device_firmware
|
An arbitrary code execution vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to upload a malicious script …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-25010
|
2024-11-21 14:16 |
2020-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210758
|
9.8 |
CRITICAL
Network
|
zyxel
|
zld_firmware
access_points_firmware
|
A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitra…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-25014
|
2024-11-21 14:16 |
2020-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210759
|
6.5 |
MEDIUM
Network
|
microstrategy
|
microstrategy
|
A Server-Side Request Forgery (SSRF) affecting the PDF generation in MicroStrategy 10.4, 2019 before Update 6, and 2020 before Update 2 allows authenticated users to access the content of internal ne…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-24815
|
2024-11-21 14:16 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210760
|
7.5 |
HIGH
Network
|
jetbrains
|
toolbox
|
JetBrains ToolBox before version 1.18 is vulnerable to a Denial of Service attack via a browser protocol handler.
|
NVD-CWE-noinfo
|
CVE-2020-25013
|
2024-11-21 14:16 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
