| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-22387 | Cri | 0.64 | 9.8 | 0.01 | Aug 2, 2021 | There is an Improper Control of Dynamically Managing Code Resources Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to remotely execute commands. | ||
| CVE-2021-37167 | Cri | 0.64 | 9.8 | 0.02 | Aug 2, 2021 | An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. A user logged in using the default credentials can gain root access to the device, which provides… | ||
| CVE-2021-37164 | Cri | 0.64 | 9.8 | 0.03 | Aug 2, 2021 | A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. In the tcpTxThread function, the received data is copied to a stack buffer. An off-by-3 condition can occur,… | ||
| CVE-2021-37163 | Cri | 0.64 | 9.8 | 0.01 | Aug 2, 2021 | An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus operated by released versions of software before Nexus Software 7.2.5.7. The device has two user accounts with passwords that are hardcoded. | ||
| CVE-2021-37162 | Cri | 0.64 | 9.8 | 0.03 | Aug 2, 2021 | A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. If an attacker sends a malformed UDP message, a buffer underflow occurs, leading to an out-of-bounds copy and… | ||
| CVE-2021-37161 | Cri | 0.64 | 9.8 | 0.03 | Aug 2, 2021 | A buffer overflow issue was discovered in the HMI3 Control Panel contained within the Swisslog Healthcare Nexus Panel, operated by released versions of software before Nexus Software 7.2.5.7. A buffer overflow allows an attacker to overwrite an internal queue data structure and… | ||
| CVE-2021-37160 | Cri | 0.64 | 9.8 | 0.08 | Aug 2, 2021 | A firmware validation issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. There is no firmware validation (e.g., cryptographic signature validation) during a File Upload for a… | ||
| CVE-2021-37165 | Cri | 0.64 | 9.8 | 0.03 | Aug 2, 2021 | A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. When a message is sent to the HMI TCP socket, it is forwarded to the hmiProcessMsg function through the… | ||
| CVE-2021-33527 | Cri | 0.64 | 9.8 | 0.05 | Aug 2, 2021 | In MB connect line mbDIALUP versions <= 3.9R0.0 a remote attacker can send a specifically crafted HTTP request to the service running with NT AUTHORITY\SYSTEM that will not correctly validate the input. This can lead to an arbitrary code execution with the privileges of the… | ||
| CVE-2021-24472 | Cri | 0.68 | 9.8 | 0.57 | Aug 2, 2021 | The OnAir2 WordPress theme before 3.9.9.2 and QT KenthaRadio WordPress plugin before 2.0.2 have exposed proxy functionality to unauthenticated users, sending requests to this proxy functionality will have the web server fetch and display the content from any URI, this would… | ||
| CVE-2021-37760 | Cri | 0.64 | 9.8 | 0.01 | Jul 31, 2021 | A Session ID leak in the audit log in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID). | ||
| CVE-2021-37759 | Cri | 0.64 | 9.8 | 0.01 | Jul 31, 2021 | A Session ID leak in the DEBUG log file in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID). | ||
| CVE-2021-37595 | Cri | 0.00 | 9.8 | 0.02 | Jul 30, 2021 | In FreeRDP before 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_RANGE File Contents Request PDU. | ||
| CVE-2021-37594 | Cri | 0.00 | 9.8 | 0.01 | Jul 30, 2021 | In FreeRDP before 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_SIZE File Contents Request PDU. | ||
| CVE-2021-37593 | Cri | 0.63 | 9.1 | 0.05 | Jul 30, 2021 | PEEL Shopping version 9.4.0 allows remote SQL injection. A public user/guest (unauthenticated) can inject a malicious SQL query in order to affect the execution of predefined SQL commands. Upon a successful SQL injection attack, an attacker can read sensitive data from the… | ||
| CVE-2021-37144 | Cri | 0.59 | 9.1 | 0.01 | Jul 30, 2021 | CSZ CMS 1.2.9 is vulnerable to Arbitrary File Deletion. This occurs in PHP when the unlink() function is called and user input might affect portions of or the whole affected parameter, which represents the path of the file to remove, without sufficient sanitization. | ||
| CVE-2021-36624 | Cri | 0.64 | 9.8 | 0.03 | Jul 30, 2021 | Sourcecodester Phone Shop Sales Managements System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. | ||
| CVE-2021-35458 | — | Cri | 0.64 | 9.8 | 0.02 | Jul 30, 2021 | Online Pet Shop We App 1.0 is vulnerable to Union SQL Injection in products.php (aka p=products) via the c or s parameter. | |
| CVE-2021-34166 | Cri | 0.64 | 9.8 | 0.03 | Jul 30, 2021 | A SQL INJECTION vulnerability in Sourcecodester Simple Food Website 1.0 allows a remote attacker to Bypass Authentication and become Admin. | ||
| CVE-2021-34165 | Cri | 0.64 | 9.8 | 0.03 | Jul 30, 2021 | A SQL Injection vulnerability in Sourcecodester Basic Shopping Cart 1.0 allows a remote attacker to Bypass Authentication and become Admin. | ||
| CVE-2021-30124 | Cri | 0.00 | 9.8 | 0.03 | Jul 30, 2021 | The unofficial vscode-phpmd (aka PHP Mess Detector) extension before 1.3.0 for Visual Studio Code allows remote attackers to execute arbitrary code via a crafted phpmd.command value in a workspace folder. | ||
| CVE-2021-25200 | Cri | 0.64 | 9.8 | 0.02 | Jul 30, 2021 | Arbitrary file upload vulnerability in SourceCodester Learning Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to \lms\student_avatar.php. | ||
| CVE-2020-21809 | — | Cri | 0.57 | 9.8 | 0.02 | Jul 30, 2021 | SQL Injection vulnerability in NukeViet CMS module Shops 4.0.29 and 4.3 via the (1) listid parameter in detail.php and the (2) group_price or groupid parameters in search_result.php. | |
| CVE-2020-21808 | — | Cri | 0.64 | 9.8 | 0.02 | Jul 30, 2021 | SQL Injection vulnerability in NukeViet CMS 4.0.10 - 4.3.07 via:the topicsid parameter in modules/news/admin/addtotopics.php. | |
| CVE-2020-21806 | Cri | 0.64 | 9.8 | 0.01 | Jul 30, 2021 | SQL Injection Vulnerability in ECTouch v2 via the shop page in index.php.. | ||
| CVE-2020-18175 | Cri | 0.64 | 9.8 | 0.02 | Jul 30, 2021 | SQL Injection vulnerability in Metinfo 6.1.3 via a dosafety_emailadd action in basic.php. | ||
| CVE-2020-18013 | Cri | 0.64 | 9.8 | 0.01 | Jul 30, 2021 | SQL Injextion vulnerability exists in Whatsns 4.0 via the ip parameter in index.php?admin_banned/add.htm. | ||
| CVE-2021-29781 | Cri | 0.64 | 9.8 | 0.03 | Jul 30, 2021 | IBM Partner Engagement Manager 2.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM… | ||
| CVE-2021-21538 | Cri | 0.63 | 9.6 | 0.02 | Jul 29, 2021 | Dell EMC iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.10.00, contain an improper authentication vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to the virtual console. | ||
| CVE-2020-36239 | Cri | 0.68 | 9.8 | 0.49 | Jul 29, 2021 | Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 before 8.17.0 and Jira Service Management Data Center from version 2.0.2 before 4.5.16, from version 4.6.0 before 4.13.8, and from version… | ||
| CVE-2021-37578 | — | Cri | 0.57 | 9.8 | 0.04 | Jul 29, 2021 | Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI) which (as an extension to UDDI) provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote… | |
| CVE-2020-5341 | Cri | 0.64 | 9.8 | 0.04 | Jul 28, 2021 | Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 and 2.4.1 contain a Deserialization of Untrusted Data Vulnerability. A… | ||
| CVE-2021-20399 | Cri | 0.59 | 9.1 | 0.02 | Jul 27, 2021 | IBM Qradar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID:… | ||
| CVE-2021-37555 | — | Cri | 0.64 | 9.8 | 0.01 | Jul 26, 2021 | TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. To connect, the telnet service is used on port 23 with the default password of 059AnkJ for the root account. The user can then download the filesystem… | |
| CVE-2020-18174 | Cri | 0.64 | 9.8 | 0.01 | Jul 26, 2021 | A process injection vulnerability in setup.exe of AutoHotkey 1.1.32.00 allows attackers to escalate privileges. | ||
| CVE-2020-18172 | Cri | 0.64 | 9.8 | 0.01 | Jul 26, 2021 | A code injection vulnerability in the SeDebugPrivilege component of Trezor Bridge 2.0.27 allows attackers to escalate privileges. | ||
| CVE-2020-18170 | Cri | 0.64 | 9.8 | 0.01 | Jul 26, 2021 | An issue in the SeChangeNotifyPrivilege component of Abloy Key Manager Version 7.14301.0.0 allows attackers to escalate privileges via a change in permissions. | ||
| CVE-2020-17952 | — | Cri | 0.64 | 9.8 | 0.02 | Jul 26, 2021 | A remote code execution (RCE) vulnerability in /library/think/App.php of Twothink v2.0 allows attackers to execute arbitrary PHP code. | |
| CVE-2021-37478 | Cri | 0.64 | 9.8 | 0.02 | Jul 26, 2021 | In NavigateCMS version 2.9.4 and below, function `block` is vulnerable to sql injection on parameter `block-order`, which results in arbitrary sql query execution in the backend database. | ||
| CVE-2021-37477 | Cri | 0.64 | 9.8 | 0.02 | Jul 26, 2021 | In NavigateCMS version 2.9.4 and below, function in `structure.php` is vulnerable to sql injection on parameter `children_order`, which results in arbitrary sql query execution in the backend database. | ||
| CVE-2021-37476 | Cri | 0.64 | 9.8 | 0.02 | Jul 26, 2021 | In NavigateCMS version 2.9.4 and below, function in `product.php` is vulnerable to sql injection on parameter `id` through a post request, which results in arbitrary sql query execution in the backend database. | ||
| CVE-2021-37475 | Cri | 0.64 | 9.8 | 0.02 | Jul 26, 2021 | In NavigateCMS version 2.9.4 and below, function in `templates.php` is vulnerable to sql injection on parameter `template-properties-order`, which results in arbitrary sql query execution in the backend database. | ||
| CVE-2021-37473 | Cri | 0.64 | 9.8 | 0.02 | Jul 26, 2021 | In NavigateCMS version 2.9.4 and below, function in `product.php` is vulnerable to sql injection on parameter `products-order` through a post request, which results in arbitrary sql query execution in the backend database. | ||
| CVE-2021-3169 | Cri | 0.64 | 9.8 | 0.03 | Jul 23, 2021 | An issue in Jumpserver before 2.6.2, before 2.5.4, before 2.4.5 allows attackers to create a connection token through an API which does not have access control and use it to access sensitive assets. | ||
| CVE-2020-20741 | Cri | 0.64 | 9.8 | 0.02 | Jul 23, 2021 | Incorrect Access Control in Beckhoff Automation GmbH & Co. KG CX9020 with firmware version CX9020_CB3011_WEC7_HPS_v602_TC31_B4016.6 allows remote attackers to bypass authentication via the "CE Remote Display Tool" as it does not close the incoming connection on the Windows CE… | ||
| CVE-2021-25208 | Cri | 0.64 | 9.8 | 0.02 | Jul 23, 2021 | Arbitrary file upload vulnerability in SourceCodester Travel Management System v 1.0 allows attackers to execute arbitrary code via the file upload to updatepackage.php. | ||
| CVE-2021-25206 | Cri | 0.64 | 9.8 | 0.02 | Jul 23, 2021 | Arbitrary file upload vulnerability in SourceCodester Responsive Ordering System v 1.0 allows attackers to execute arbitrary code via the file upload to Product_model.php. | ||
| CVE-2021-25203 | Cri | 0.64 | 9.8 | 0.02 | Jul 23, 2021 | Arbitrary file upload vulnerability in Victor CMS v 1.0 allows attackers to execute arbitrary code via the file upload to \CMSsite-master\admin\includes\admin_add_post.php. | ||
| CVE-2021-25207 | Cri | 0.64 | 9.8 | 0.02 | Jul 23, 2021 | Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v 1.0 allows attackers to execute arbitrary code via the file upload to prodViewUpdate.php. | ||
| CVE-2020-14032 | Cri | 0.64 | 9.8 | 0.02 | Jul 23, 2021 | ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM. |
- risk 0.64cvss 9.8epss 0.01
There is an Improper Control of Dynamically Managing Code Resources Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to remotely execute commands.
- risk 0.64cvss 9.8epss 0.02
An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. A user logged in using the default credentials can gain root access to the device, which provides…
- risk 0.64cvss 9.8epss 0.03
A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. In the tcpTxThread function, the received data is copied to a stack buffer. An off-by-3 condition can occur,…
- risk 0.64cvss 9.8epss 0.01
An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus operated by released versions of software before Nexus Software 7.2.5.7. The device has two user accounts with passwords that are hardcoded.
- risk 0.64cvss 9.8epss 0.03
A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. If an attacker sends a malformed UDP message, a buffer underflow occurs, leading to an out-of-bounds copy and…
- risk 0.64cvss 9.8epss 0.03
A buffer overflow issue was discovered in the HMI3 Control Panel contained within the Swisslog Healthcare Nexus Panel, operated by released versions of software before Nexus Software 7.2.5.7. A buffer overflow allows an attacker to overwrite an internal queue data structure and…
- risk 0.64cvss 9.8epss 0.08
A firmware validation issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. There is no firmware validation (e.g., cryptographic signature validation) during a File Upload for a…
- risk 0.64cvss 9.8epss 0.03
A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. When a message is sent to the HMI TCP socket, it is forwarded to the hmiProcessMsg function through the…
- risk 0.64cvss 9.8epss 0.05
In MB connect line mbDIALUP versions <= 3.9R0.0 a remote attacker can send a specifically crafted HTTP request to the service running with NT AUTHORITY\SYSTEM that will not correctly validate the input. This can lead to an arbitrary code execution with the privileges of the…
- risk 0.68cvss 9.8epss 0.57
The OnAir2 WordPress theme before 3.9.9.2 and QT KenthaRadio WordPress plugin before 2.0.2 have exposed proxy functionality to unauthenticated users, sending requests to this proxy functionality will have the web server fetch and display the content from any URI, this would…
- risk 0.64cvss 9.8epss 0.01
A Session ID leak in the audit log in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID).
- risk 0.64cvss 9.8epss 0.01
A Session ID leak in the DEBUG log file in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID).
- risk 0.00cvss 9.8epss 0.02
In FreeRDP before 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_RANGE File Contents Request PDU.
- risk 0.00cvss 9.8epss 0.01
In FreeRDP before 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_SIZE File Contents Request PDU.
- risk 0.63cvss 9.1epss 0.05
PEEL Shopping version 9.4.0 allows remote SQL injection. A public user/guest (unauthenticated) can inject a malicious SQL query in order to affect the execution of predefined SQL commands. Upon a successful SQL injection attack, an attacker can read sensitive data from the…
- risk 0.59cvss 9.1epss 0.01
CSZ CMS 1.2.9 is vulnerable to Arbitrary File Deletion. This occurs in PHP when the unlink() function is called and user input might affect portions of or the whole affected parameter, which represents the path of the file to remove, without sufficient sanitization.
- risk 0.64cvss 9.8epss 0.03
Sourcecodester Phone Shop Sales Managements System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
- risk 0.64cvss 9.8epss 0.02
Online Pet Shop We App 1.0 is vulnerable to Union SQL Injection in products.php (aka p=products) via the c or s parameter.
- risk 0.64cvss 9.8epss 0.03
A SQL INJECTION vulnerability in Sourcecodester Simple Food Website 1.0 allows a remote attacker to Bypass Authentication and become Admin.
- risk 0.64cvss 9.8epss 0.03
A SQL Injection vulnerability in Sourcecodester Basic Shopping Cart 1.0 allows a remote attacker to Bypass Authentication and become Admin.
- risk 0.00cvss 9.8epss 0.03
The unofficial vscode-phpmd (aka PHP Mess Detector) extension before 1.3.0 for Visual Studio Code allows remote attackers to execute arbitrary code via a crafted phpmd.command value in a workspace folder.
- risk 0.64cvss 9.8epss 0.02
Arbitrary file upload vulnerability in SourceCodester Learning Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to \lms\student_avatar.php.
- risk 0.57cvss 9.8epss 0.02
SQL Injection vulnerability in NukeViet CMS module Shops 4.0.29 and 4.3 via the (1) listid parameter in detail.php and the (2) group_price or groupid parameters in search_result.php.
- risk 0.64cvss 9.8epss 0.02
SQL Injection vulnerability in NukeViet CMS 4.0.10 - 4.3.07 via:the topicsid parameter in modules/news/admin/addtotopics.php.
- risk 0.64cvss 9.8epss 0.01
SQL Injection Vulnerability in ECTouch v2 via the shop page in index.php..
- risk 0.64cvss 9.8epss 0.02
SQL Injection vulnerability in Metinfo 6.1.3 via a dosafety_emailadd action in basic.php.
- risk 0.64cvss 9.8epss 0.01
SQL Injextion vulnerability exists in Whatsns 4.0 via the ip parameter in index.php?admin_banned/add.htm.
- risk 0.64cvss 9.8epss 0.03
IBM Partner Engagement Manager 2.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM…
- risk 0.63cvss 9.6epss 0.02
Dell EMC iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.10.00, contain an improper authentication vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to the virtual console.
- risk 0.68cvss 9.8epss 0.49
Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 before 8.17.0 and Jira Service Management Data Center from version 2.0.2 before 4.5.16, from version 4.6.0 before 4.13.8, and from version…
- risk 0.57cvss 9.8epss 0.04
Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI) which (as an extension to UDDI) provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote…
- risk 0.64cvss 9.8epss 0.04
Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 and 2.4.1 contain a Deserialization of Untrusted Data Vulnerability. A…
- risk 0.59cvss 9.1epss 0.02
IBM Qradar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID:…
- risk 0.64cvss 9.8epss 0.01
TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. To connect, the telnet service is used on port 23 with the default password of 059AnkJ for the root account. The user can then download the filesystem…
- risk 0.64cvss 9.8epss 0.01
A process injection vulnerability in setup.exe of AutoHotkey 1.1.32.00 allows attackers to escalate privileges.
- risk 0.64cvss 9.8epss 0.01
A code injection vulnerability in the SeDebugPrivilege component of Trezor Bridge 2.0.27 allows attackers to escalate privileges.
- risk 0.64cvss 9.8epss 0.01
An issue in the SeChangeNotifyPrivilege component of Abloy Key Manager Version 7.14301.0.0 allows attackers to escalate privileges via a change in permissions.
- risk 0.64cvss 9.8epss 0.02
A remote code execution (RCE) vulnerability in /library/think/App.php of Twothink v2.0 allows attackers to execute arbitrary PHP code.
- risk 0.64cvss 9.8epss 0.02
In NavigateCMS version 2.9.4 and below, function `block` is vulnerable to sql injection on parameter `block-order`, which results in arbitrary sql query execution in the backend database.
- risk 0.64cvss 9.8epss 0.02
In NavigateCMS version 2.9.4 and below, function in `structure.php` is vulnerable to sql injection on parameter `children_order`, which results in arbitrary sql query execution in the backend database.
- risk 0.64cvss 9.8epss 0.02
In NavigateCMS version 2.9.4 and below, function in `product.php` is vulnerable to sql injection on parameter `id` through a post request, which results in arbitrary sql query execution in the backend database.
- risk 0.64cvss 9.8epss 0.02
In NavigateCMS version 2.9.4 and below, function in `templates.php` is vulnerable to sql injection on parameter `template-properties-order`, which results in arbitrary sql query execution in the backend database.
- risk 0.64cvss 9.8epss 0.02
In NavigateCMS version 2.9.4 and below, function in `product.php` is vulnerable to sql injection on parameter `products-order` through a post request, which results in arbitrary sql query execution in the backend database.
- risk 0.64cvss 9.8epss 0.03
An issue in Jumpserver before 2.6.2, before 2.5.4, before 2.4.5 allows attackers to create a connection token through an API which does not have access control and use it to access sensitive assets.
- risk 0.64cvss 9.8epss 0.02
Incorrect Access Control in Beckhoff Automation GmbH & Co. KG CX9020 with firmware version CX9020_CB3011_WEC7_HPS_v602_TC31_B4016.6 allows remote attackers to bypass authentication via the "CE Remote Display Tool" as it does not close the incoming connection on the Windows CE…
- risk 0.64cvss 9.8epss 0.02
Arbitrary file upload vulnerability in SourceCodester Travel Management System v 1.0 allows attackers to execute arbitrary code via the file upload to updatepackage.php.
- risk 0.64cvss 9.8epss 0.02
Arbitrary file upload vulnerability in SourceCodester Responsive Ordering System v 1.0 allows attackers to execute arbitrary code via the file upload to Product_model.php.
- risk 0.64cvss 9.8epss 0.02
Arbitrary file upload vulnerability in Victor CMS v 1.0 allows attackers to execute arbitrary code via the file upload to \CMSsite-master\admin\includes\admin_add_post.php.
- risk 0.64cvss 9.8epss 0.02
Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v 1.0 allows attackers to execute arbitrary code via the file upload to prodViewUpdate.php.
- risk 0.64cvss 9.8epss 0.02
ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM.