CVE-2021-20433
IBM Security Guardium 11.3 could allow a an authenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 196345. Devamını Oku
Devamını oku
CVE-2020-21127
MetInfo 7.0.0 contains a SQL injection vulnerability via admin/?n=logs&c=index&a=dodel. Devamını Oku
CVE-2020-21121
Pligg CMS 2.0.2 contains a time-based SQL injection vulnerability via the $recordIDValue parameter in the admin_update_module_widgets.php file. Devamını Oku
CVE-2020-21122
UReport v2.2.9 contains a Server-Side Request Forgery (SSRF) in the designer page which allows attackers to detect intranet device ports. Devamını Oku
CVE-2020-21124
UReport 2.2.9 allows attackers to execute arbitrary code due to a lack of access control to the designer page. Devamını Oku
CVE-2020-21125
An arbitrary file creation vulnerability in UReport 2.2.9 allows attackers to execute arbitrary code. Devamını Oku
CVE-2020-21126
MetInfo 7.0.0 contains a Cross-Site Request Forgery (CSRF) via admin/?n=admin&c=index&a=doSaveInfo. Devamını Oku
CVE-2020-19148
Cross Site Scripting (XSS) in Jfinal CMS v4.7.1 and earlier allows remote attackers to execute arbitrary code via the 'Nickname' parameter in the component '/jfinal_cms/front/person/profile.html'. Devamını Oku
CVE-2020-19150
Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information or cause a denial of service via the 'FileManager.delete()' function in the component 'modules/filemanager/FileManagerController.java'. Devamını Oku
CVE-2020-19151
Command Injection in Jfinal CMS v4.7.1 and earlier allows remote attackers to execute arbitrary code by uploading a malicious HTML template file via the component 'jfinal_cms/admin/filemanager/list'. Devamını Oku
CVE-2020-19154
Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information via the 'FileManager.editFile()' function in the component 'modules/filemanager/FileManagerController.java'. Devamını Oku
CVE-2020-19155
Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information and/or execute arbitrary code via the 'FileManager.rename()' function in the component 'modules/filemanager/FileManagerController.java'. Devamını Oku