| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-29591 | Cri | 0.64 | 9.8 | 0.03 | Dec 11, 2020 | Versions of the Official registry Docker images through 2.7.0 contain a blank password for the root user. Systems deployed using affected versions of the registry container may allow a remote attacker to achieve root access with a blank password. | ||
| CVE-2020-13556 | Cri | 0.64 | 9.8 | 0.05 | Dec 11, 2020 | An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to… | ||
| CVE-2020-24634 | Cri | 0.64 | 9.8 | 0.02 | Dec 11, 2020 | An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200… | ||
| CVE-2020-24633 | Cri | 0.64 | 9.8 | 0.05 | Dec 11, 2020 | There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending especially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway;… | ||
| CVE-2020-17530 | Cri | 0.86 | 9.8 | 0.96 | KEV | Dec 11, 2020 | Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25. | |
| CVE-2020-7540 | Cri | 0.64 | 9.8 | 0.02 | Dec 11, 2020 | A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause… | ||
| CVE-2020-28215 | Cri | 0.64 | 9.8 | 0.02 | Dec 11, 2020 | A CWE-862: Missing Authorization vulnerability exists in Easergy T300 (firmware 2.7 and older), that could cause a wide range of problems, including information exposures, denial of service, and arbitrary code execution when access control checks are not applied consistently. | ||
| CVE-2020-29311 | Cri | 0.64 | 9.8 | 0.06 | Dec 10, 2020 | Ubilling v1.0.9 allows Remote Command Execution as Root user by executing a malicious command that is injected inside the config file and being triggered by another part of the software. | ||
| CVE-2020-26201 | Cri | 0.64 | 9.8 | 0.02 | Dec 10, 2020 | Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating System (rlx-linux) level. This allows an attacker to gain unauthorized access as an admin or root user to the device Operating System via Telnet or SSH. | ||
| CVE-2020-19527 | Cri | 0.64 | 9.8 | 0.02 | Dec 10, 2020 | iCMS 7.0.14 attackers to execute arbitrary OS commands via shell metacharacters in the DB_NAME parameter to install/install.php. | ||
| CVE-2020-19142 | Cri | 0.64 | 9.8 | 0.02 | Dec 10, 2020 | iCMS 7 attackers to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php. | ||
| CVE-2020-16608 | Cri | 0.63 | 9.6 | 0.04 | Dec 10, 2020 | Notable 1.8.4 allows XSS via crafted Markdown text, with resultant remote code execution (because nodeIntegration in webPreferences is true). | ||
| CVE-2020-29667 | Cri | 0.64 | 9.8 | 0.03 | Dec 10, 2020 | In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote attacker able to use a default cookie value, such as PHPSESSID=LANIT-IMANAGER, can achieve control over the system because of Insufficient Session Expiration. | ||
| CVE-2020-24445 | Cri | 0.59 | 9.0 | 0.03 | Dec 10, 2020 | AEM's Cloud Service offering, as well as version 6.5.6.0 (and below), are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a… | ||
| CVE-2019-7198 | Cri | 0.64 | 9.8 | 0.03 | Dec 10, 2020 | This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build… | ||
| CVE-2020-17142 | Cri | 0.59 | 9.1 | 0.03 | Dec 10, 2020 | Microsoft Exchange Remote Code Execution Vulnerability | ||
| CVE-2020-17132 | Cri | 0.69 | 9.1 | 0.90 | Dec 10, 2020 | Microsoft Exchange Remote Code Execution Vulnerability | ||
| CVE-2020-29659 | Cri | 0.64 | 9.8 | 0.05 | Dec 9, 2020 | A buffer overflow in the web server of Flexense DupScout Enterprise 10.0.18 allows a remote anonymous attacker to execute code as SYSTEM by overflowing the sid parameter via a GET /settings&sid= attack. | ||
| CVE-2020-26838 | Cri | 0.59 | 9.1 | 0.02 | Dec 9, 2020 | SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any… | ||
| CVE-2020-26837 | Cri | 0.59 | 9.1 | 0.02 | Dec 9, 2020 | SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, allows an authenticated user to upload a malicious script that can exploit an existing path traversal vulnerability to compromise confidentiality exposing elements of the file system, partially compromise… | ||
| CVE-2020-26831 | Cri | 0.62 | 9.6 | 0.01 | Dec 9, 2020 | SAP BusinessObjects BI Platform (Crystal Report), versions - 4.1, 4.2, 4.3, does not sufficiently validate uploaded XML entities during crystal report generation due to missing XML validation, An attacker with basic privileges can inject some arbitrary XML entities leading to… | ||
| CVE-2020-26829 | Cri | 0.65 | 10.0 | 0.05 | Dec 9, 2020 | SAP NetWeaver AS JAVA (P2P Cluster Communication), versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows arbitrary connections from processes because of missing authentication check, that are outside the cluster and even outside the network segment dedicated for the internal… | ||
| CVE-2020-17529 | Cri | 0.64 | 9.8 | 0.03 | Dec 9, 2020 | Out-of-bounds Write vulnerability in TCP Stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying and invalid fragmentation offset value specified in the IP header. This is only impacts builds with both… | ||
| CVE-2020-17528 | Cri | 0.59 | 9.1 | 0.03 | Dec 9, 2020 | Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying arbitrary urgent data pointer offsets within TCP packets including beyond the length of the packet. | ||
| CVE-2020-29657 | Cri | 0.59 | 9.1 | 0.01 | Dec 9, 2020 | In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unhandled_exception in the main-utils.c file. | ||
| CVE-2020-28274 | — | Cri | 0.57 | 9.8 | 0.02 | Dec 8, 2020 | Prototype pollution vulnerability in 'deepref' versions 1.1.1 through 1.2.1 allows attacker to cause a denial of service and may lead to remote code execution. | |
| CVE-2020-29602 | Cri | 0.64 | 9.8 | 0.02 | Dec 8, 2020 | The official irssi docker images before 1.1-alpine (Alpine specific) contain a blank password for a root user. System using the irssi docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password. | ||
| CVE-2020-29601 | Cri | 0.64 | 9.8 | 0.02 | Dec 8, 2020 | The official notary docker images before signer-0.6.1-1 contain a blank password for a root user. System using the notary docker container deployed by affected versions of the docker image may allow an remote attacker to achieve root access with a blank password. | ||
| CVE-2020-29581 | Cri | 0.64 | 9.8 | 0.02 | Dec 8, 2020 | The official spiped docker images before 1.5-alpine contain a blank password for a root user. Systems using the spiped docker container deployed by affected versions of the docker image may allow an remote attacker to achieve root access with a blank password. | ||
| CVE-2020-29580 | Cri | 0.64 | 9.8 | 0.02 | Dec 8, 2020 | The official storm Docker images before 1.2.1 contain a blank password for a root user. Systems using the Storm Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password. | ||
| CVE-2020-29579 | Cri | 0.64 | 9.8 | 0.02 | Dec 8, 2020 | The official Express Gateway Docker images before 1.14.0 contain a blank password for a root user. Systems using the Express Gateway Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access. | ||
| CVE-2020-29577 | Cri | 0.64 | 9.8 | 0.02 | Dec 8, 2020 | The official znc docker images before 1.7.1-slim contain a blank password for a root user. Systems using the znc docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password. | ||
| CVE-2020-29576 | Cri | 0.64 | 9.8 | 0.03 | Dec 8, 2020 | The official eggdrop Docker images before 1.8.4rc2 contain a blank password for a root user. Systems using the Eggdrop Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password. | ||
| CVE-2020-29575 | Cri | 0.64 | 9.8 | 0.03 | Dec 8, 2020 | The official elixir Docker images before 1.8.0-alpine (Alpine specific) contain a blank password for a root user. Systems using the elixir Linux Docker container deployed by affected versions of the Docker image may allow a remote attacker to achieve root access with a blank… | ||
| CVE-2020-29564 | Cri | 0.64 | 9.8 | 0.06 | Dec 8, 2020 | The official Consul Docker images 0.7.1 through 1.4.2 contain a blank password for a root user. System using the Consul Docker container deployed by affected versions of the Docker image may allow a remote attacker to achieve root access with a blank password. | ||
| CVE-2020-29578 | Cri | 0.64 | 9.8 | 0.02 | Dec 8, 2020 | The official piwik Docker images before fpm-alpine (Alpine specific) contain a blank password for a root user. Systems using the Piwik Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access. | ||
| CVE-2020-25889 | Cri | 0.64 | 9.8 | 0.03 | Dec 8, 2020 | Online Bus Booking System Project Using PHP/MySQL version 1.0 has SQL injection via the login page. By placing SQL injection payload on the login page attackers can bypass the authentication and can gain the admin privilege. | ||
| CVE-2020-17531 | Cri | 0.64 | 9.8 | 0.10 | Dec 8, 2020 | A Java Serialization vulnerability was found in Apache Tapestry 4. Apache Tapestry 4 will attempt to deserialize the "sp" parameter even before invoking the page's validate method, leading to deserialization without authentication. Apache Tapestry 4 reached end of life in 2008… | ||
| CVE-2020-29600 | Cri | 0.64 | 9.8 | 0.03 | Dec 7, 2020 | In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501. | ||
| CVE-2020-29597 | Cri | 0.72 | 9.8 | 0.71 | Dec 7, 2020 | IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability. This vulnerability allows unauthenticated attackers to upload files into the server. | ||
| CVE-2020-29595 | Cri | 0.64 | 9.8 | 0.01 | Dec 7, 2020 | PlugIns\IDE_ACDStd.apl in ACDSee Photo Studio Studio Professional 2021 14.0 Build 1705 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x00000000000031aa. | ||
| CVE-2020-5800 | Cri | 0.64 | 9.8 | 0.02 | Dec 7, 2020 | The Eat Spray Love mobile app for both iOS and Android contains logic that allows users to bypass authentication and retrieve or modify information that they would not normally have access to. | ||
| CVE-2020-5799 | Cri | 0.64 | 9.8 | 0.01 | Dec 7, 2020 | The Eat Spray Love mobile app for both iOS and Android contains a backdoor account that, when modified, allowed privileged access to restricted functionality and to other users' data. | ||
| CVE-2020-25462 | Cri | 0.64 | 9.8 | 0.02 | Dec 4, 2020 | Heap buffer overflow in the fxCheckArrowFunction function at moddable/xs/sources/xsSyntaxical.c:3562 in Moddable SDK before OS200903. | ||
| CVE-2020-2320 | Cri | 0.57 | 9.8 | 0.01 | Dec 3, 2020 | Jenkins Plugin Installation Manager Tool 2.1.3 and earlier does not verify plugin downloads. | ||
| CVE-2020-6017 | Cri | 0.00 | 9.8 | 0.03 | Dec 3, 2020 | Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long unreliable segments in function SNP_ReceiveUnreliableSegment() when configured to support plain-text messages, leading to a Heap-Based Buffer Overflow and resulting in a memory corruption and… | ||
| CVE-2020-29288 | Cri | 0.64 | 9.8 | 0.03 | Dec 2, 2020 | An SQL injection vulnerability was discovered in Gym Management System In manage_user.php file, GET parameter 'id' is vulnerable. | ||
| CVE-2020-29287 | Cri | 0.64 | 9.8 | 0.03 | Dec 2, 2020 | An SQL injection vulnerability was discovered in Car Rental Management System v1.0 can be exploited via the id parameter in view_car.php or the car_id parameter in booking.php. | ||
| CVE-2020-29285 | Cri | 0.64 | 9.8 | 0.01 | Dec 2, 2020 | SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to edit_category.php. | ||
| CVE-2020-29284 | Cri | 0.64 | 9.8 | 0.06 | Dec 2, 2020 | The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the table_id parameter which allows unauthenticated SQL Injection. An attacker can send malicious input in the GET request to /dashboard/view-chair-list.php?table_id… |
- risk 0.64cvss 9.8epss 0.03
Versions of the Official registry Docker images through 2.7.0 contain a blank password for the root user. Systems deployed using affected versions of the registry container may allow a remote attacker to achieve root access with a blank password.
- risk 0.64cvss 9.8epss 0.05
An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to…
- risk 0.64cvss 9.8epss 0.02
An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200…
- risk 0.64cvss 9.8epss 0.05
There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending especially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway;…
- risk 0.86cvss 9.8epss 0.96
Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.
- risk 0.64cvss 9.8epss 0.02
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause…
- risk 0.64cvss 9.8epss 0.02
A CWE-862: Missing Authorization vulnerability exists in Easergy T300 (firmware 2.7 and older), that could cause a wide range of problems, including information exposures, denial of service, and arbitrary code execution when access control checks are not applied consistently.
- risk 0.64cvss 9.8epss 0.06
Ubilling v1.0.9 allows Remote Command Execution as Root user by executing a malicious command that is injected inside the config file and being triggered by another part of the software.
- risk 0.64cvss 9.8epss 0.02
Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating System (rlx-linux) level. This allows an attacker to gain unauthorized access as an admin or root user to the device Operating System via Telnet or SSH.
- risk 0.64cvss 9.8epss 0.02
iCMS 7.0.14 attackers to execute arbitrary OS commands via shell metacharacters in the DB_NAME parameter to install/install.php.
- risk 0.64cvss 9.8epss 0.02
iCMS 7 attackers to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php.
- risk 0.63cvss 9.6epss 0.04
Notable 1.8.4 allows XSS via crafted Markdown text, with resultant remote code execution (because nodeIntegration in webPreferences is true).
- risk 0.64cvss 9.8epss 0.03
In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote attacker able to use a default cookie value, such as PHPSESSID=LANIT-IMANAGER, can achieve control over the system because of Insufficient Session Expiration.
- risk 0.59cvss 9.0epss 0.03
AEM's Cloud Service offering, as well as version 6.5.6.0 (and below), are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a…
- risk 0.64cvss 9.8epss 0.03
This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build…
- risk 0.59cvss 9.1epss 0.03
Microsoft Exchange Remote Code Execution Vulnerability
- risk 0.69cvss 9.1epss 0.90
Microsoft Exchange Remote Code Execution Vulnerability
- risk 0.64cvss 9.8epss 0.05
A buffer overflow in the web server of Flexense DupScout Enterprise 10.0.18 allows a remote anonymous attacker to execute code as SYSTEM by overflowing the sid parameter via a GET /settings&sid= attack.
- risk 0.59cvss 9.1epss 0.02
SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any…
- risk 0.59cvss 9.1epss 0.02
SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, allows an authenticated user to upload a malicious script that can exploit an existing path traversal vulnerability to compromise confidentiality exposing elements of the file system, partially compromise…
- risk 0.62cvss 9.6epss 0.01
SAP BusinessObjects BI Platform (Crystal Report), versions - 4.1, 4.2, 4.3, does not sufficiently validate uploaded XML entities during crystal report generation due to missing XML validation, An attacker with basic privileges can inject some arbitrary XML entities leading to…
- risk 0.65cvss 10.0epss 0.05
SAP NetWeaver AS JAVA (P2P Cluster Communication), versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows arbitrary connections from processes because of missing authentication check, that are outside the cluster and even outside the network segment dedicated for the internal…
- risk 0.64cvss 9.8epss 0.03
Out-of-bounds Write vulnerability in TCP Stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying and invalid fragmentation offset value specified in the IP header. This is only impacts builds with both…
- risk 0.59cvss 9.1epss 0.03
Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying arbitrary urgent data pointer offsets within TCP packets including beyond the length of the packet.
- risk 0.59cvss 9.1epss 0.01
In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unhandled_exception in the main-utils.c file.
- risk 0.57cvss 9.8epss 0.02
Prototype pollution vulnerability in 'deepref' versions 1.1.1 through 1.2.1 allows attacker to cause a denial of service and may lead to remote code execution.
- risk 0.64cvss 9.8epss 0.02
The official irssi docker images before 1.1-alpine (Alpine specific) contain a blank password for a root user. System using the irssi docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password.
- risk 0.64cvss 9.8epss 0.02
The official notary docker images before signer-0.6.1-1 contain a blank password for a root user. System using the notary docker container deployed by affected versions of the docker image may allow an remote attacker to achieve root access with a blank password.
- risk 0.64cvss 9.8epss 0.02
The official spiped docker images before 1.5-alpine contain a blank password for a root user. Systems using the spiped docker container deployed by affected versions of the docker image may allow an remote attacker to achieve root access with a blank password.
- risk 0.64cvss 9.8epss 0.02
The official storm Docker images before 1.2.1 contain a blank password for a root user. Systems using the Storm Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password.
- risk 0.64cvss 9.8epss 0.02
The official Express Gateway Docker images before 1.14.0 contain a blank password for a root user. Systems using the Express Gateway Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access.
- risk 0.64cvss 9.8epss 0.02
The official znc docker images before 1.7.1-slim contain a blank password for a root user. Systems using the znc docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password.
- risk 0.64cvss 9.8epss 0.03
The official eggdrop Docker images before 1.8.4rc2 contain a blank password for a root user. Systems using the Eggdrop Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password.
- risk 0.64cvss 9.8epss 0.03
The official elixir Docker images before 1.8.0-alpine (Alpine specific) contain a blank password for a root user. Systems using the elixir Linux Docker container deployed by affected versions of the Docker image may allow a remote attacker to achieve root access with a blank…
- risk 0.64cvss 9.8epss 0.06
The official Consul Docker images 0.7.1 through 1.4.2 contain a blank password for a root user. System using the Consul Docker container deployed by affected versions of the Docker image may allow a remote attacker to achieve root access with a blank password.
- risk 0.64cvss 9.8epss 0.02
The official piwik Docker images before fpm-alpine (Alpine specific) contain a blank password for a root user. Systems using the Piwik Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access.
- risk 0.64cvss 9.8epss 0.03
Online Bus Booking System Project Using PHP/MySQL version 1.0 has SQL injection via the login page. By placing SQL injection payload on the login page attackers can bypass the authentication and can gain the admin privilege.
- risk 0.64cvss 9.8epss 0.10
A Java Serialization vulnerability was found in Apache Tapestry 4. Apache Tapestry 4 will attempt to deserialize the "sp" parameter even before invoking the page's validate method, leading to deserialization without authentication. Apache Tapestry 4 reached end of life in 2008…
- risk 0.64cvss 9.8epss 0.03
In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501.
- risk 0.72cvss 9.8epss 0.71
IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability. This vulnerability allows unauthenticated attackers to upload files into the server.
- risk 0.64cvss 9.8epss 0.01
PlugIns\IDE_ACDStd.apl in ACDSee Photo Studio Studio Professional 2021 14.0 Build 1705 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x00000000000031aa.
- risk 0.64cvss 9.8epss 0.02
The Eat Spray Love mobile app for both iOS and Android contains logic that allows users to bypass authentication and retrieve or modify information that they would not normally have access to.
- risk 0.64cvss 9.8epss 0.01
The Eat Spray Love mobile app for both iOS and Android contains a backdoor account that, when modified, allowed privileged access to restricted functionality and to other users' data.
- risk 0.64cvss 9.8epss 0.02
Heap buffer overflow in the fxCheckArrowFunction function at moddable/xs/sources/xsSyntaxical.c:3562 in Moddable SDK before OS200903.
- risk 0.57cvss 9.8epss 0.01
Jenkins Plugin Installation Manager Tool 2.1.3 and earlier does not verify plugin downloads.
- risk 0.00cvss 9.8epss 0.03
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long unreliable segments in function SNP_ReceiveUnreliableSegment() when configured to support plain-text messages, leading to a Heap-Based Buffer Overflow and resulting in a memory corruption and…
- risk 0.64cvss 9.8epss 0.03
An SQL injection vulnerability was discovered in Gym Management System In manage_user.php file, GET parameter 'id' is vulnerable.
- risk 0.64cvss 9.8epss 0.03
An SQL injection vulnerability was discovered in Car Rental Management System v1.0 can be exploited via the id parameter in view_car.php or the car_id parameter in booking.php.
- risk 0.64cvss 9.8epss 0.01
SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to edit_category.php.
- risk 0.64cvss 9.8epss 0.06
The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the table_id parameter which allows unauthenticated SQL Injection. An attacker can send malicious input in the GET request to /dashboard/view-chair-list.php?table_id…