CVE-2020-18144
SQL Injection Vulnerability in ECTouch v2 via the integral_min parameter in index.php. Devamını Oku
Devamını oku
Day: Temmuz 14, 2021
CVE-2020-27379 (booking_core)
Cross Site Request Forgery (CSRF) vulnerability in Booking Core – Ultimate Booking System Booking Core 1.7.0 . The CSRF token is not being validated when…
CVE-2020-25445 (booking_core)
The “Subscribeâ€� feature in Ultimate Booking System Booking Core 1.7.0 is vulnerable to CSV formula injection. The input containing the excel formula is not being…
CVE-2020-27379
Cross Site Request Forgery (CSRF) vulnerability in Booking Core – Ultimate Booking System Booking Core 1.7.0 . The CSRF token is not being validated when…
CVE-2020-25445
The “Subscribeâ€� feature in Ultimate Booking System Booking Core 1.7.0 is vulnerable to CSV formula injection. The input containing the excel formula is not being…
CVE-2020-25444
Cross Site Scripting (XSS) vulnerability in Booking Core – Ultimate Booking System Booking Core 1.7.0 via the (1) "About Yourselfâ€� section under the “My Profileâ€�…
CVE-2021-0144
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access.…
CVE-2020-0417 (android)
In setNiNotification of GpsNetInitiatedHandler.java, there is a possible permissions bypass due to an empty mutable PendingIntent. This could lead to local escalation of privilege with…
CVE-2020-20231
Mikrotik RouterOs through stable version 6.48.3 suffers from a memory corruption vulnerability in the /nova/bin/detnet process. An authenticated remote attacker can cause a Denial of…
CVE-2020-0417
In setNiNotification of GpsNetInitiatedHandler.java, there is a possible permissions bypass due to an empty mutable PendingIntent. This could lead to local escalation of privilege with…