CVE-2020-35442
FDCMS (also known as Fangfa Content Management System) 4.0 allows remote attackers to get a webshell in the background via Front/lib/Action/FindexAction.class.php. Devamını Oku
Devamını oku
CVE-2020-35441
FDCMS (aka Fangfa Content Management System) 4.0 contains a front-end SQL injection via Admin/Lib/Action/FloginAction.class.php. Devamını Oku
CVE-2020-35438
Cross Site Scripting (XSS) vulnerability in the kk Star Ratings plugin before 4.1.5. Devamını Oku
CVE-2020-35430 (inxedu)
SQL Injection in com/inxedu/OS/edu/controller/letter/AdminMsgSystemController in Inxedu v2.0.6 via the ids parameter to admin/letter/delsystem. Devamını Oku
CVE-2020-35430
SQL Injection in com/inxedu/OS/edu/controller/letter/AdminMsgSystemController in Inxedu v2.0.6 via the ids parameter to admin/letter/delsystem. Devamını Oku
CVE-2020-35427
SQL injection vulnerability in PHPGurukul Employee Record Management System 1.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication. Devamını Oku
CVE-2020-35419 (group_office)
Cross Site Scripting (XSS) in Group Office CRM 6.4.196 via the SET_LANGUAGE parameter. Devamını Oku
CVE-2020-35419
Cross Site Scripting (XSS) in Group Office CRM 6.4.196 via the SET_LANGUAGE parameter. Devamını Oku
CVE-2020-35418 (group_office)
Cross Site Scripting (XSS) in the contact page of Group Office CRM 6.4.196 by uploading a crafted svg file. Devamını Oku
CVE-2020-35418
Cross Site Scripting (XSS) in the contact page of Group Office CRM 6.4.196 by uploading a crafted svg file. Devamını Oku
CVE-2020-35398
An issue was discovered in UTI Mutual fund Android application 5.4.18 and prior, allows attackers to brute force enumeration of usernames determined by the error message returned after invalid credentials are attempted. Devamını Oku
CVE-2020-35373
In Fiyo CMS 2.0.6.1, the 'tag' parameter results in an unauthenticated XSS attack. Devamını Oku