EmreOvunc
Products
6- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-5893 | Cri | 0.69 | 9.8 | 0.25 | Jan 10, 2019 | Nelson Open Source ERP v6.3.1 allows SQL Injection via the db/utils/query/data.xml query parameter. | ||
| CVE-2020-19360 | Hig | 0.50 | 7.5 | 0.20 | Jan 20, 2021 | Local file inclusion in FHEM 6.0 allows in fhem/FileLog_logWrapper file parameter can allow an attacker to include a file, which can lead to sensitive information disclosure. | ||
| CVE-2019-12461 | Med | 0.43 | 6.1 | 0.10 | May 30, 2019 | Web Port 1.19.1 allows XSS via the /log type parameter. | ||
| CVE-2020-25385 | Med | 0.41 | 6.1 | 0.16 | Jan 20, 2021 | Nagios Log Server 2.1.7 contains a cross-site scripting (XSS) vulnerability in /nagioslogserver/configure/create_snapshot through the snapshot_name parameter, which may impact users who open a maliciously crafted link or third-party web page. | ||
| CVE-2020-23992 | Med | 0.40 | 6.1 | 0.02 | Aug 22, 2023 | Cross Site Scripting (XSS) in Nagios XI 5.7.1 allows remote attackers to run arbitrary code via returnUrl parameter in a crafted GET request. | ||
| CVE-2019-12458 | Med | 0.35 | 5.3 | 0.02 | May 30, 2019 | FileRun 2019.05.21 allows css/ext-ux Directory Listing. This issue has been fixed in FileRun 2019.06.01. |
- risk 0.69cvss 9.8epss 0.25
Nelson Open Source ERP v6.3.1 allows SQL Injection via the db/utils/query/data.xml query parameter.
- risk 0.50cvss 7.5epss 0.20
Local file inclusion in FHEM 6.0 allows in fhem/FileLog_logWrapper file parameter can allow an attacker to include a file, which can lead to sensitive information disclosure.
- risk 0.43cvss 6.1epss 0.10
Web Port 1.19.1 allows XSS via the /log type parameter.
- risk 0.41cvss 6.1epss 0.16
Nagios Log Server 2.1.7 contains a cross-site scripting (XSS) vulnerability in /nagioslogserver/configure/create_snapshot through the snapshot_name parameter, which may impact users who open a maliciously crafted link or third-party web page.
- risk 0.40cvss 6.1epss 0.02
Cross Site Scripting (XSS) in Nagios XI 5.7.1 allows remote attackers to run arbitrary code via returnUrl parameter in a crafted GET request.
- risk 0.35cvss 5.3epss 0.02
FileRun 2019.05.21 allows css/ext-ux Directory Listing. This issue has been fixed in FileRun 2019.06.01.