|
200181
|
6.1 |
MEDIUM
Network
|
sixapart
|
movable_type
|
Cross-site scripting vulnerability in Website Management screen of Movable Type (Movable Type 7 r.4903 and earlier (Movable Type 7 Series), Movable Type 6.8.0 and earlier (Movable Type 6 Series), Mov…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20810
|
2024-11-21 14:47 |
2021-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200182
|
6.1 |
MEDIUM
Network
|
sixapart
|
movable_type
|
Cross-site scripting vulnerability in Create screens of Entry, Page, and Content Type of Movable Type (Movable Type 7 r.4903 and earlier (Movable Type 7 Series), Movable Type 6.8.0 and earlier (Movab…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20809
|
2024-11-21 14:47 |
2021-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200183
|
6.1 |
MEDIUM
Network
|
sixapart
|
movable_type
|
Cross-site scripting vulnerability in Search screen of Movable Type (Movable Type 7 r.4903 and earlier (Movable Type 7 Series), Movable Type 6.8.0 and earlier (Movable Type 6 Series), Movable Type Ad…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20808
|
2024-11-21 14:47 |
2021-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200184
|
7.8 |
HIGH
Local
|
sony
|
audio_usb_driver
hap_music_transfer
|
Untrusted search path vulnerability in the installer of Sony Audio USB Driver V1.10 and prior and the installer of HAP Music Transfer Ver.1.3.0 and prior allows an attacker to gain privileges and exe…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2021-20793
|
2024-11-21 14:47 |
2021-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200185
|
6.1 |
MEDIUM
Network
|
expresstech
|
quiz_and_survey_master
|
Cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.1.14 allows a remote attacker to inject arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20792
|
2024-11-21 14:47 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200186
|
4.3 |
MEDIUM
Network
|
cybozu
|
garoon
|
Improper input validation vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the data of Comment and Space without the viewing privilege.
|
CWE-20
Improper Input Validation
|
CVE-2021-20775
|
2024-11-21 14:47 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200187
|
5.4 |
MEDIUM
Network
|
cybozu
|
garoon
|
Cross-site scripting vulnerability in some functions of E-mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20774
|
2024-11-21 14:47 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200188
|
4.3 |
MEDIUM
Network
|
cybozu
|
garoon
|
There is a vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.0, which may allow a remote authenticated attacker to delete the route information Workflow without the appropriate privilege.
|
NVD-CWE-noinfo
|
CVE-2021-20773
|
2024-11-21 14:47 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200189
|
4.3 |
MEDIUM
Network
|
cybozu
|
garoon
|
Information disclosure vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the title of Bulletin without the viewing privilege.
|
NVD-CWE-Other
|
CVE-2021-20772
|
2024-11-21 14:47 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200190
|
6.1 |
MEDIUM
Network
|
cybozu
|
garoon
|
Cross-site scripting vulnerability in some functions of E-Mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote attacker to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20771
|
2024-11-21 14:47 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
