Export limit exceeded: 363337 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363337 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-21809 | 1 Nukeviet | 1 Nukeviet | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in NukeViet CMS module Shops 4.0.29 and 4.3 via the (1) listid parameter in detail.php and the (2) group_price or groupid parameters in search_result.php. | ||||
| CVE-2020-21808 | 1 Nukeviet | 1 Nukeviet | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in NukeViet CMS 4.0.10 - 4.3.07 via:the topicsid parameter in modules/news/admin/addtotopics.php. | ||||
| CVE-2020-21806 | 1 Ectouch | 1 Ectouch | 2024-11-21 | 9.8 Critical |
| SQL Injection Vulnerability in ECTouch v2 via the shop page in index.php.. | ||||
| CVE-2020-21788 | 1 Crmeb | 1 Crmeb | 2024-11-21 | 4.3 Medium |
| In CRMEB 3.1.0+ strict domain name filtering leads to SSRF(Server-Side Request Forgery). The vulnerable code is in file /crmeb/app/admin/controller/store/CopyTaobao.php. | ||||
| CVE-2020-21787 | 1 Crmeb | 1 Crmeb | 2024-11-21 | 9.8 Critical |
| CRMEB 3.1.0+ is vulnerable to File Upload Getshell via /crmeb/crmeb/services/UploadService.php. | ||||
| CVE-2020-21786 | 1 Ibos | 1 Ibos | 2024-11-21 | 9.8 Critical |
| In IBOS 4.5.4 Open, Arbitrary File Inclusion causes getshell via /system/modules/dashboard/controllers/CronController.php. | ||||
| CVE-2020-21785 | 1 Ibos | 1 Ibos | 2024-11-21 | 8.8 High |
| In IBOS 4.5.4 Open, the database backup has Command Injection Vulnerability. | ||||
| CVE-2020-21784 | 1 Phpwcms | 1 Phpwcms | 2024-11-21 | 9.8 Critical |
| phpwcms 1.9.13 is vulnerable to Code Injection via /phpwcms/setup/setup.php. | ||||
| CVE-2020-21783 | 1 Ibos | 1 Ibos | 2024-11-21 | 6.1 Medium |
| In IBOS 4.5.4 the email function has a cross site scripting (XSS) vulnerability in emailbody[content] parameter. | ||||
| CVE-2020-21733 | 1 Sagemcom | 2 F\@st 3686, F\@st 3686 Firmware | 2024-11-21 | 6.1 Medium |
| Sagemcom F@ST3686 v1.0 HUN 3.97.0 has XSS via RgDiagnostics.asp, RgDdns.asp, RgFirewallEL.asp, RgVpnL2tpPptp.asp. | ||||
| CVE-2020-21732 | 1 Rukovoditel | 1 Rukovoditel | 2024-11-21 | 6.1 Medium |
| Rukovoditel Project Management app 2.6 is affected by: Cross Site Scripting (XSS). An attacker can add JavaScript code to the filename. | ||||
| CVE-2020-21731 | 1 Gazie Project | 1 Gazie | 2024-11-21 | 6.1 Medium |
| Gazie 7.29 is affected by: Cross Site Scripting (XSS) via http://192.168.100.7/gazie/modules/config/admin_utente.php?user_name=amministratore&Update. An attacker can inject JavaScript code, and the webapplication stores the injected code. | ||||
| CVE-2020-21729 | 1 Jeecms | 1 Jeecms X | 2024-11-21 | 5.4 Medium |
| JEECMS x1.1 contains a stored cross-site scripting (XSS) vulnerability in the component of /member-vipcenter.htm, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2020-21726 | 1 Opensns | 1 Opensns | 2024-11-21 | 9.8 Critical |
| OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the cid parameter. | ||||
| CVE-2020-21725 | 1 Opensns | 1 Opensns | 2024-11-21 | 9.8 Critical |
| OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the pid parameter. | ||||
| CVE-2020-21724 | 1 Ogg Video Tools Project | 1 Ogg Video Tools | 2024-11-21 | 7.8 High |
| Buffer Overflow vulnerability in ExtractorInformation function in streamExtractor.cpp in oggvideotools 0.9.1 allows remaote attackers to run arbitrary code via opening of crafted ogg file. | ||||
| CVE-2020-21723 | 1 Ogg Video Tools Project | 1 Ogg Video Tools | 2024-11-21 | 5.5 Medium |
| A Segmentation Fault issue discovered StreamSerializer::extractStreams function in streamSerializer.cpp in oggvideotools 0.9.1 allows remote attackers to cause a denial of service (crash) via opening of crafted ogg file. | ||||
| CVE-2020-21722 | 1 Ogg Video Tools Project | 1 Ogg Video Tools | 2024-11-21 | 7.8 High |
| Buffer Overflow vulnerability in oggvideotools 0.9.1 allows remote attackers to run arbitrary code via opening of crafted ogg file. | ||||
| CVE-2020-21710 | 2 Artifex, Redhat | 2 Ghostscript, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| A divide by zero issue discovered in eps_print_page in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers to cause a denial of service via opening of crafted PDF file. | ||||
| CVE-2020-21699 | 1 Alibaba | 1 Tengine | 2024-11-21 | 7.5 High |
| The web server Tengine 2.2.2 developed in the Nginx version from 0.5.6 thru 1.13.2 is vulnerable to an integer overflow vulnerability in the nginx range filter module, resulting in the leakage of potentially sensitive information triggered by specially crafted requests. | ||||