| Page(s) : 1 ... 839 840 841 842 843 844 845 846 847 848 [849] 850 851 852 853 854 855 856 857 858 859 ... | Result(s) : 43549 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2020-10-01 | CVE-2020-15227 | cve | Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 are vulnerable to an code injection attack by passing specially formed parameters to URL that may possibly le... |
| 9.1 | 2020-09-30 | CVE-2020-21524 | cve | There is a XML external entity (XXE) vulnerability in halo v1.1.3, The function of importing other blogs in the background(/api/admin/migrations/wordpress) needs to parse the xm... |
| 9.8 | 2020-09-30 | CVE-2020-26041 | cve | An issue was discovered in Hoosk CmS v1.8.0. There is an Remote Code Execution vulnerability in install/index.php |
| 9.8 | 2020-09-30 | CVE-2020-25763 | cve | Seat Reservation System version 1.0 suffers from an Unauthenticated File Upload Vulnerability allowing Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webser... |
| 9.8 | 2020-09-30 | CVE-2020-20800 | cve | An issue was discovered in MetInfo v7.0.0 beta. There is SQL Injection via the install/index.php?action=adminsetup&cndata=yes&endata=yes&showdata=yes URI. |
| 9.8 | 2020-09-30 | CVE-2020-15487 | cve | Re:Desk 2.3 contains a blind unauthenticated SQL injection vulnerability in the getBaseCriteria() function in the protected/models/Ticket.php file. By modifying the folder GET p... |
| 9.8 | 2020-09-30 | CVE-2018-5353 | cve | The custom GINA/CP module in Zoho ManageEngine ADSelfService Plus before 5.5 build 5517 allows remote attackers to execute code and escalate privileges via spoofing. It does not... |
| 9.8 | 2020-09-30 | CVE-2020-21526 | cve | An Arbitrary file writing vulnerability in halo v1.1.3. In an interface to write files in the background, a directory traversal check is performed on the input path parameter, b... |
| 9.8 | 2020-09-30 | CVE-2020-26042 | cve | An issue was discovered in Hoosk CMS v1.8.0. There is a SQL injection vulnerability in install/index.php |
| 9.8 | 2020-09-30 | CVE-2020-21523 | cve | A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 In the Edit Theme File function. The ftl file can be edited. This is the Freemarker template file. T... |
| 9.8 | 2020-09-30 | CVE-2020-21522 | cve | An issue was discovered in halo V1.1.3. A Zip Slip Directory Traversal Vulnerability in the backend,the attacker can overwrite some files, such as ftl files, .bashrc files in th... |
| 9.8 | 2020-09-30 | CVE-2020-26154 | cve | url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header. |
| 9.6 | 2020-09-30 | CVE-2020-26157 | cve | Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled during syncing. This leads to remote code execution because of Node integration. |
| 9.6 | 2020-09-30 | CVE-2020-26158 | cve | Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled when the batch feature is triggered. This leads to remote code execution because of Node integ... |
| 9.8 | 2020-09-30 | CVE-2020-12870 | cve | RainbowFish PacsOne Server 6.8.4 allows SQL injection on the username parameter in the signup page. |
| 9.1 | 2020-09-30 | CVE-2020-25762 | cve | An issue was discovered in SourceCodester Seat Reservation System 1.0. The file admin_class.php does not perform input validation on the username and password parameters. An att... |
| 9.8 | 2020-09-30 | CVE-2020-19672 | cve | Niushop B2B2C Multi-business basic version V1.11, can bypass the administrator to obtain the background upload interface, through parameter upload, bypass the getimagesize funct... |
| 9.8 | 2020-09-25 | CVE-2020-15208 | cve | In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a `DCHECK` which is no-op outsid... |
| 9 | 2020-09-25 | CVE-2020-15207 | cve | In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, to mimic Python's indexing with negative values, TFLite uses `ResolveAxis` to convert negative val... |
| 9.8 | 2020-09-25 | CVE-2020-25147 | cve | An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to SQL Injection due to the fact that it is possible to inject malicious S... |
| Page(s) : 1 ... 839 840 841 842 843 844 845 846 847 848 [849] 850 851 852 853 854 855 856 857 858 859 ... | Result(s) : 43549 |
