|
195271
|
6.1 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
OX App Suite before 7.10.3-rev32 and 7.10.4 before 7.10.4-rev18 allows XSS via a code snippet (user-generated content) when a sharing link is created and the dl parameter is used.
|
CWE-79
Cross-site Scripting
|
CVE-2021-26698
|
2024-11-21 14:56 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195272
|
9.8 |
CRITICAL
Network
|
phpgurukul
|
student_record_system
|
SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the sid parameter to edit-sub.php.
|
CWE-89
SQL Injection
|
CVE-2021-26765
|
2024-11-21 14:56 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195273
|
8.8 |
HIGH
Network
|
phpgurukul
|
student_record_system
|
SQL injection vulnerability in PHPGurukul Student Record System v 4.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit-std.php.
|
CWE-89
SQL Injection
|
CVE-2021-26764
|
2024-11-21 14:56 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195274
|
8.8 |
HIGH
Network
|
phpgurukul
|
student_record_system
|
SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the cid parameter to edit-course.php.
|
CWE-89
SQL Injection
|
CVE-2021-26762
|
2024-11-21 14:56 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195275
|
7.1 |
HIGH
Local
|
ninjarmm
|
ninjarmm
|
The Agent in NinjaRMM 5.0.909 has Insecure Permissions.
|
CWE-276
Incorrect Default Permissions
|
CVE-2021-26274
|
2024-11-21 14:56 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195276
|
7.8 |
HIGH
Local
|
ninjarmm
|
ninjarmm
|
The Agent in NinjaRMM 5.0.909 has Incorrect Access Control.
|
CWE-863
Incorrect Authorization
|
CVE-2021-26273
|
2024-11-21 14:56 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195277
|
5.5 |
MEDIUM
Local
|
hpe
|
oneview_global_dashboard
|
A potential vulnerability has been identified in HPE OneView Global Dashboard release 2.31 which could lead to a local disclosure of privileged information. HPE has provided an update to OneView Glob…
|
NVD-CWE-noinfo
|
CVE-2021-26585
|
2024-11-21 14:56 |
2021-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195278
|
9.8 |
CRITICAL
Network
|
apache
|
nuttx
|
Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resulti…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2021-26461
|
2024-11-21 14:56 |
2021-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195279
|
6.1 |
MEDIUM
Network
|
zettlr
|
zettlr
|
No filtering of cross-site scripting (XSS) payloads in the markdown-editor in Zettlr 1.8.7 allows attackers to perform remote code execution via a crafted file.
|
CWE-79
Cross-site Scripting
|
CVE-2021-26835
|
2024-11-21 14:56 |
2021-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195280
|
5.4 |
MEDIUM
Network
|
znote
|
znote
|
A cross-site scripting (XSS) vulnerability exists in Znote 0.5.2. An attacker can insert payloads, and the code execution will happen immediately on markdown view mode.
|
CWE-79
Cross-site Scripting
|
CVE-2021-26834
|
2024-11-21 14:56 |
2021-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
