Vulnerabilities

Subcategories:

  • CVE-2020-28969
    Aplioxio PDF ShapingUp 5.0.0.139 contains a buffer overflow which allows attackers to cause a denial of service (DoS) via a crafted PDF file.
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 19 | Replies: 0
  • CVE-2020-28968
    Draytek VigorAP 1000C contains a stored cross-site scripting (XSS) vulnerability in the RADIUS Setting - RADIUS Server Configuration module. This vulnerability allows attackers to execute arbitrary we ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 24 | Replies: 0
  • CVE-2020-28967
    FlashGet v1.9.6 was discovered to contain a buffer overflow in the 'current path directory' function. This vulnerability allows attackers to elevate local process privileges via overwriting th ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 23 | Replies: 0
  • CVE-2020-28964
    Internet Download Manager 6.37.11.1 was discovered to contain a stack buffer overflow in the Search function. This vulnerability allows attackers to escalate local process privileges via unspecified v ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 13 | Replies: 0
  • CVE-2020-28963
    Passcovery Co. Ltd ZIP Password Recovery v3.70.69.0 was discovered to contain a buffer overflow via the decompress function.
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 18 | Replies: 0
  • CVE-2020-28961
    Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component ./clients/client via the company name parameter.
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 12 | Replies: 0
  • CVE-2020-28960
    Chichen Tech CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the file product_list.php via the id and cid parameters.
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 9 | Replies: 0
  • CVE-2020-28957
    Multiple cross-site scripting (XSS) vulnerabilities in the Customer Add module of Foxlor v0.10.16 allow attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the name, ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 20 | Replies: 0
  • CVE-2020-28956
    Multiple cross-site scripting (XSS) vulnerabilities in the Sales module of SugarCRM v6.5.18 allow attackers to execute arbitrary web scripts or HTML via crafted payloads entered into the primary addr ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 12 | Replies: 0
  • CVE-2020-28955
    SugarCRM v6.5.18 was discovered to contain a cross-site scripting (XSS) vulnerability in the Create Employee module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 12 | Replies: 0
  • CVE-2020-23061
    Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contain an issue in the path parameter of the `list` and `download` module which allows attackers to perform a directory traversal via a ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 13 | Replies: 0
  • CVE-2020-23060
    Internet Download Manager 6.37.11.1 was discovered to contain a stack buffer overflow in the Export/Import function. This vulnerability allows attackers to escalate local process privileges via a craf ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 8 | Replies: 0
  • CVE-2020-23058
    An issue in the authentication mechanism in Nong Ge File Explorer v1.4 allows unauthenticated attackers to access sensitive data.
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 17 | Replies: 0
  • CVE-2020-23055
    ANCOM WLAN Controller (Wireless Series Hotspot) WLC-1000 WLC-4006 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the /authen/start/ module via the userid and passwo ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 25 | Replies: 0
  • CVE-2020-23054
    A cross-site scripting (XSS) vulnerability in NSK User Agent String Switcher Service v0.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the user agent input fiel ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 19 | Replies: 0
  • CVE-2020-23052
    Catalyst IT Ltd Mahara CMS v19.10.2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component groupfiles.php via the Number (Nombre) and Description (Descripción) ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 26 | Replies: 0
  • CVE-2020-23051
    Phpgurukul User Registration User Management System v2.0 was discovered to contain multiple stored cross-site scripting (XSS) vulnerabilities via the firstname and lastname parameters of the registra ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 21 | Replies: 0
  • CVE-2020-23050
    TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain an HTML injection vulnerability in the userFirstName parameter of the user account input field. This vulnerability allows attac ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 23 | Replies: 0
  • CVE-2020-23049
    Fork CMS Content Management System v5.8.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the `Displayname` field when using the `Add`, `Edit` or `Register` functions. This ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 27 | Replies: 0
  • CVE-2020-23048
    SeedDMS Content Management System v6.0.7 contains a persistent cross-site scripting (XSS) vulnerability in the component AddEvent.php via the name and comment parameters.
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 20 | Replies: 0
  • CVE-2020-23047
    Macrob7 Macs Framework Content Management System - 1.14f was discovered to contain a cross-site scripting (XSS) vulnerability in the search input field of the search module.
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 23 | Replies: 0
  • CVE-2020-23046
    DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component tpl.php via the `filename`, `mid`, `userid`, and `templet` parameters.
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 20 | Replies: 0
  • CVE-2020-23045
    Macrob7 Macs Framework Content Management System - 1.14f was discovered to contain a SQL injection vulnerability via the `roleId` parameter of the `editRole` and `deletUser` modules.
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 22 | Replies: 0
  • CVE-2020-23044
    DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_pic_view.php via the `activepath`, `keyword`, `tag`, `fmdo=xfilename`, `CKEditor` a ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 35 | Replies: 0
  • CVE-2020-23043
    Tran Tu Air Sender v1.0.2 was discovered to contain an arbitrary file upload vulnerability in the upload module. This vulnerability allows attackers to execute arbitrary code via a crafted file.
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 19 | Replies: 0
  • CVE-2020-23042
    Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability in the path parameter of the `list` and `download` module. This vulnerability allows ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 23 | Replies: 0
  • CVE-2020-23041
    Dropouts Technologies LLP Air Share v1.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the path parameter of the `list` and `download` exception-handling. This vulnerability ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 20 | Replies: 0
  • CVE-2020-23040
    Sky File v2.1.0 contains a directory traversal vulnerability in the FTP server which allows attackers to access sensitive data and files via 'null' path commands.
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 18 | Replies: 0
  • CVE-2020-23039
    Folder Lock v3.4.5 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Create Folder function under the 'create' module. This vulnerability allows attackers to e ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 30 | Replies: 0
  • CVE-2020-23038
    Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vulnerability in the path parameter. This vulnerability is exploited via an error caused by including no ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 17 | Replies: 0
  • CVE-2020-23037
    Portable Ltd Playable v9.18 contains a code injection vulnerability in the filename parameter, which allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 33 | Replies: 0
  • CVE-2020-23036
    MEDIA NAVI Inc SMACom v1.2 was discovered to contain an insecure session validation vulnerability in the session handling of the `password` authentication parameter of the wifi photo transfer module. ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 22 | Replies: 0
  • CVE-2021-42840
    SuiteCRM before 7.11.19 allows remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, logger_file_name can refer to an attacker ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 24 | Replies: 0
  • CVE-2021-42556
    Rasa X before 0.42.4 allows Directory Traversal during archive extraction. In the functionality that allows a user to load a trained model archive, an attacker has arbitrary write capability within sp ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 10 | Replies: 0
  • CVE-2021-41171
    eLabFTW is an open source electronic lab notebook manager for research teams. In versions of eLabFTW before 4.1.0, it allows attackers to bypass a brute-force protection mechanism by using many differ ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 10 | Replies: 0
  • CVE-2021-29835
    IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the in ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 25 | Replies: 0
  • CVE-2021-42836
    GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack.
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 18 | Replies: 0
  • CVE-2021-42542
    The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure.
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 17 | Replies: 0
  • CVE-2021-42540
    The affected product is vulnerable to an unsanitized extract folder for system configuration. A low-privileged user can leverage this logic to overwrite the settings and other key functionality.
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 11 | Replies: 0
  • CVE-2021-42539
    The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change.
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 27 | Replies: 0
