CVE-2020-19626 (craft_cms)
Cross Site Scripting (XSS) vulnerability in craftcms 3.1.31, allows remote attackers to inject arbitrary web script or HTML, via /admin/settings/sites/new. Devamını Oku
Devamını oku
CVE-2020-19625 (gridx)
Remote Code Execution Vulnerability in tests/support/stores/test_grid_filter.php in oria gridx 1.3, allows remote attackers to execute arbitrary code, via crafted value to the $query parameter. Devamını Oku
CVE-2020-25840
Cross-Site scripting vulnerability in Micro Focus Access Manager product, affects all version prior to version 5.0. The vulnerability could cause configuration destruction. Devamını Oku
CVE-2020-28346
ACRN through 2.2 has a devicemodel/hw/pci/virtio/virtio.c NULL Pointer Dereference. Devamını Oku
CVE-2020-28346 (acrn)
ACRN through 2.2 has a devicemodel/hw/pci/virtio/virtio.c NULL Pointer Dereference. Devamını Oku
CVE-2020-23517
Cross Site Scripting (XSS) vulnerability in Aryanic HighMail (High CMS) versions 2020 and before allows remote attackers to inject arbitrary web script or HTML, via 'user' to LoginForm. Devamını Oku
CVE-2020-23517 (high_cms)
Cross Site Scripting (XSS) vulnerability in Aryanic HighMail (High CMS) versions 2020 and before allows remote attackers to inject arbitrary web script or HTML, via 'user' to LoginForm. Devamını Oku
CVE-2020-10579
A directory traversal on the /admin/sysmon.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to list the content of arbitrary server directories accessible to the user running the application. Devamını Oku
CVE-2020-10580
A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary PHP code on the server as the user running the application. Devamını Oku
CVE-2020-10581
Multiple session validity check issues in several administration functionalities of Invigo Automatic Device Management (ADM) through 5.0 allow remote attackers to read potentially sensitive data hosted by the application. Devamını Oku
CVE-2020-10582
A SQL injection on the /admin/display_errors.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to execute arbitrary SQL requests (including data reading and modification) on the database. Devamını Oku
CVE-2020-10583
The /admin/admapi.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary OS commands on the server as the user running the application. Devamını Oku