| Page(s) : 1 ... 8 9 10 11 12 13 14 15 16 17 [18] 19 20 21 22 23 24 25 26 27 28 ... | Result(s) : 178977 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2020-11-17 | CVE-2020-28914 | cve | An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into a contai... |
| N/A | 2020-11-17 | CVE-2020-28183 | cve | SQL injection vulnerability in SourceCodester Water Billing System 1.0 via the username and password parameters to process.php. |
| 9.8 | 2020-11-17 | CVE-2020-28130 | cve | An Arbitrary File Upload in the Upload Image component in SourceCodester Online Library Management System 1.0 allows the user to conduct remote code execution via admin/borrower... |
| 6.1 | 2020-11-17 | CVE-2020-28129 | cve | Stored Cross-site scripting (XSS) vulnerability in SourceCodester Gym Management System 1.0 allows users to inject and store arbitrary JavaScript code in index.php?page=packages... |
| N/A | 2020-11-17 | CVE-2020-28092 | cve | PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?g=Team&m=Task&a=my&status=3&id=,?g=Team&m=Task&a=my&status=0&id=,?g=Team&m=Task&a=my&status=1&id=,?g=Team&m=Ta... |
| 9.8 | 2020-11-17 | CVE-2020-26553 | cve | An issue was discovered in Aviatrix Controller before R6.0.2483. Several APIs contain functions that allow arbitrary files to be uploaded to the web tree. |
| N/A | 2020-11-17 | CVE-2020-26552 | cve | An issue was discovered in Aviatrix Controller before R6.0.2483. Multiple executable files, that implement API endpoints, do not require a valid session ID for access. |
| 7.5 | 2020-11-17 | CVE-2020-26551 | cve | An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored in a readable file. |
| 7.5 | 2020-11-17 | CVE-2020-26550 | cve | An issue was discovered in Aviatrix Controller before R5.3.1151. An encrypted file containing credentials to unrelated systems is protected by a three-character key. |
| N/A | 2020-11-17 | CVE-2020-26549 | cve | An issue was discovered in Aviatrix Controller before R5.4.1290. The htaccess protection mechanism to prevent requests to directories can be bypassed for file downloading. |
| N/A | 2020-11-17 | CVE-2020-26548 | cve | An issue was discovered in Aviatrix Controller before R5.4.1290. There is an insecure sudo rule: a user exists that can execute all commands as any user on the system. |
| N/A | 2020-11-17 | CVE-2020-26216 | cve | TYPO3 Fluid before versions 2.0.8, 2.1.7, 2.2.4, 2.3.7, 2.4.4, 2.5.11 and 2.6.10 is vulnerable to Cross-Site Scripting. Three XSS vulnerabilities have been detected in Fluid: 1.... |
| N/A | 2020-11-17 | CVE-2020-25890 | cve | The web application of Kyocera printer (ECOSYS M2640IDW) is affected by Stored XSS vulnerability, discovered in the addition a new contact in "Machine Address Book". Successful ... |
| 9.8 | 2020-11-17 | CVE-2020-28140 | cve | SourceCodester Online Clothing Store 1.0 is affected by an arbitrary file upload via the image upload feature of Products.php. |
| 6.1 | 2020-11-17 | CVE-2020-28139 | cve | SourceCodester Online Clothing Store 1.0 is affected by a cross-site scripting (XSS) vulnerability via a Offer Detail field in offer.php. |
| 9.8 | 2020-11-17 | CVE-2020-28138 | cve | SourceCodester Online Clothing Store 1.0 is affected by a SQL Injection via the txtUserName parameter to login.php. |
| N/A | 2020-11-17 | CVE-2020-28136 | cve | An Arbitrary File Upload is discovered in SourceCodester Tourism Management System 1.0 allows the user to conduct remote code execution via admin/create-package.php vulnerable p... |
| N/A | 2020-11-17 | CVE-2020-28133 | cve | An issue was discovered in SourceCodester Simple Grocery Store Sales And Inventory System 1.0. There was authentication bypass in web login functionality allows an attacker to g... |
| N/A | 2020-11-17 | CVE-2020-26405 | cve | Path traversal vulnerability in package upload functionality in GitLab CE/EE starting from 12.8 allows an attacker to save packages in arbitrary locations. Affected versions are... |
| N/A | 2020-11-17 | CVE-2020-25988 | cve | UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2.1 (P4410-V2–1.34H) has an action 'X_GetAccess' which leaks the credentials of 'admin',... |
| Page(s) : 1 ... 8 9 10 11 12 13 14 15 16 17 [18] 19 20 21 22 23 24 25 26 27 28 ... | Result(s) : 178977 |
