Export limit exceeded: 364834 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364834 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-36067 | 1 Gjson Project | 1 Gjson | 2024-11-21 | 7.5 High |
| GJSON <=v1.6.5 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a crafted GET call. | ||||
| CVE-2020-36066 | 1 Gjson Project | 1 Gjson | 2024-11-21 | 7.5 High |
| GJSON <1.6.5 allows attackers to cause a denial of service (remote) via crafted JSON. | ||||
| CVE-2020-36064 | 1 Online Course Registration Project | 1 Online Course Registration | 2024-11-21 | 9.8 Critical |
| Online Course Registration v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised. | ||||
| CVE-2020-36062 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2024-11-21 | 9.8 Critical |
| Dairy Farm Shop Management System v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised. | ||||
| CVE-2020-36056 | 1 Beetel | 2 777vr1, 777vr1 Firmware | 2024-11-21 | 5.4 Medium |
| Beetel 777VR1-DI Hardware Version REV.1.01 Firmware Version V01.00.09_55 was discovered to contain a cross-site scripting (XSS) vulnerability via the Ping diagnostic option. | ||||
| CVE-2020-36052 | 1 1234n | 1 Minicms | 2024-11-21 | 9.8 Critical |
| Directory traversal vulnerability in post-edit.php in MiniCMS V1.10 allows remote attackers to include and execute arbitrary files via the state parameter. | ||||
| CVE-2020-36051 | 1 1234n | 1 Minicms | 2024-11-21 | 7.5 High |
| Directory traversal vulnerability in page_edit.php in MiniCMS V1.10 allows remote attackers to read arbitrary files via the state parameter. | ||||
| CVE-2020-36049 | 1 Socket | 1 Socket.io-parser | 2024-11-21 | 7.5 High |
| socket.io-parser before 3.4.1 allows attackers to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used. | ||||
| CVE-2020-36048 | 1 Socket | 1 Engine.io | 2024-11-21 | 7.5 High |
| Engine.IO before 4.0.0 allows attackers to cause a denial of service (resource consumption) via a POST request to the long polling transport. | ||||
| CVE-2020-36037 | 1 Wuzhicms | 1 Wuzhicms | 2024-11-21 | 8.8 High |
| An issue was disocvered in wuzhicms version 4.1.0, allows remote attackers to execte arbitrary code via the setting parameter to the ueditor in index.php. | ||||
| CVE-2020-36034 | 1 School Faculty Scheduling System Project | 1 School Faculty Scheduling System | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in oretnom23 School Faculty Scheduling System version 1.0, allows remote attacker to execute arbitrary code, escalate privilieges, and gain sensitive information via crafted payload to id parameter in manage_user.php. | ||||
| CVE-2020-36033 | 1 Water Billing System Project | 1 Water Billing System | 2024-11-21 | 9.8 Critical |
| SQL injection vulnerability in SourceCodester Water Billing System 1.0 via the id parameter to edituser.php. | ||||
| CVE-2020-36012 | 1 Bdtask | 1 Multi-store | 2024-11-21 | 4.8 Medium |
| Stored XSS vulnerability in BDTASK Multi-Store Inventory Management System 1.0 allows a local admin to inject arbitrary code via the Customer Name Field. | ||||
| CVE-2020-36011 | 1 Qdocs | 1 Smart Hospital | 2024-11-21 | 4.8 Medium |
| A cross-site scripting (XSS) issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Remarks, or Any Known Allergies field. | ||||
| CVE-2020-36009 | 1 Obottle Project | 1 Obottle | 2024-11-21 | 7.5 High |
| OBottle 2.0 in \c\g.php contains an arbitrary file download vulnerability. | ||||
| CVE-2020-36008 | 1 Obottle Project | 1 Obottle | 2024-11-21 | 8.1 High |
| OBottle 2.0 in \c\t.php contains an arbitrary file write vulnerability. | ||||
| CVE-2020-36007 | 1 Appcms | 1 Appcms | 2024-11-21 | 6.1 Medium |
| AppCMS 2.0.101 in /admin/template/tpl_app.php has a cross site scripting attack vulnerability which allows the attacker to obtain sensitive information of other users. | ||||
| CVE-2020-36006 | 1 Appcms | 1 Appcms | 2024-11-21 | 6.5 Medium |
| AppCMS 2.0.101 in /admin/info.php has an arbitrary file deletion vulnerability which allows attackers to delete arbitrary files on the site. | ||||
| CVE-2020-36005 | 1 Appcms | 1 Appcms | 2024-11-21 | 6.5 Medium |
| AppCMS 2.0.101 in /admin/app.php has an arbitrary file deletion vulnerability which allows attackers to delete arbitrary files on the site. | ||||
| CVE-2020-36004 | 1 Appcms | 1 Appcms | 2024-11-21 | 6.5 Medium |
| AppCMS 2.0.101 in /admin/download_frame.php has a SQL injection vulnerability which allows attackers to obtain sensitive database information. | ||||