|
222971
|
7.5 |
HIGH
Adjacent
|
sony
|
vaio_update
|
Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicous wireless LAN access point. A succ…
|
CWE-494
Download of Code Without Integrity Check
|
CVE-2019-5982
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222972
|
7.8 |
HIGH
Local
|
sony
|
vaio_update
|
Improper authorization vulnerability in VAIO Update 7.3.0.03150 and earlier allows an attackers to execute arbitrary executable file with administrative privilege via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2019-5981
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222973
|
8.8 |
HIGH
Network
|
meomundo
|
related_youtube_videos
|
Cross-site request forgery (CSRF) vulnerability in Related YouTube Videos versions prior to 1.9.9 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2019-5980
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222974
|
8.8 |
HIGH
Network
|
najeebmedia
|
personalized_woocommerce_cart_page
|
Cross-site request forgery (CSRF) vulnerability in Personalized WooCommerce Cart Page 2.4 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2019-5979
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222975
|
8.8 |
HIGH
Network
|
contest-gallery
|
contest_gallery
|
Cross-site request forgery (CSRF) vulnerability in Contest Gallery versions prior to 10.4.5 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2019-5974
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222976
|
8.8 |
HIGH
Network
|
sukimalab
|
online_lesson_booking
|
Cross-site request forgery (CSRF) vulnerability in Online Lesson Booking 0.8.6 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2019-5973
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222977
|
6.1 |
MEDIUM
Network
|
sukimalab
|
online_lesson_booking
|
Cross-site scripting vulnerability in Online Lesson Booking 0.8.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2019-5972
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222978
|
8.8 |
HIGH
Network
|
sukimalab
|
attendance_manager
|
Cross-site request forgery (CSRF) vulnerability in Attendance Manager 0.5.6 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2019-5971
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222979
|
6.1 |
MEDIUM
Network
|
sukimalab
|
attendance_manager
|
Cross-site scripting vulnerability in Attendance Manager 0.5.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2019-5970
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222980
|
6.1 |
MEDIUM
Network
|
weseek
|
growi
|
Open redirect vulnerability in GROWI v3.4.6 and earlier allows remote attackersto redirect users to arbitrary web sites and conduct phishing attacks via the process of login.
|
CWE-601
Open Redirect
|
CVE-2019-5969
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
