Export limit exceeded: 363288 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363288 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-18175 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in Metinfo 6.1.3 via a dosafety_emailadd action in basic.php. | ||||
| CVE-2020-18174 | 1 Autohotkey | 1 Autohotkey | 2024-11-21 | 9.8 Critical |
| A process injection vulnerability in setup.exe of AutoHotkey 1.1.32.00 allows attackers to escalate privileges. | ||||
| CVE-2020-18173 | 1 1password | 1 1password | 2024-11-21 | 7.8 High |
| A DLL injection vulnerability in 1password.dll of 1Password 7.3.712 allows attackers to execute arbitrary code. | ||||
| CVE-2020-18172 | 1 Trezor | 1 Bridge | 2024-11-21 | 9.8 Critical |
| A code injection vulnerability in the SeDebugPrivilege component of Trezor Bridge 2.0.27 allows attackers to escalate privileges. | ||||
| CVE-2020-18170 | 1 Abloy | 1 Key Manager | 2024-11-21 | 9.8 Critical |
| An issue in the SeChangeNotifyPrivilege component of Abloy Key Manager Version 7.14301.0.0 allows attackers to escalate privileges via a change in permissions. | ||||
| CVE-2020-18167 | 1 Laobancms | 1 Laobancms | 2024-11-21 | 4.8 Medium |
| Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote attackers to execute arbitrary code by injecting commands into the "Homepage Introduction" field of component "admin/info.php?shuyu". | ||||
| CVE-2020-18166 | 1 Laobancms | 1 Laobancms | 2024-11-21 | 9.8 Critical |
| Unrestricted File Upload in LAOBANCMS v2.0 allows remote attackers to upload arbitrary files by attaching a file with a ".jpg.php" extension to the component "admin/wenjian.php?wj=../templets/pc". | ||||
| CVE-2020-18165 | 1 Laobancms | 1 Laobancms | 2024-11-21 | 4.8 Medium |
| Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote attackers to execute arbitrary code by injecting commands into the "Website SEO Keywords" field on the page "admin/info.php?shuyu". | ||||
| CVE-2020-18164 | 1 Tp-shop | 1 Tp-shop | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability exists in tp-shop 2.x-3.x via the /index.php/home/api/shop fBill parameter. | ||||
| CVE-2020-18158 | 1 Hucart | 1 Hucart | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in HuCart 5.7.4 via nickname in index.php. | ||||
| CVE-2020-18157 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 8.8 High |
| Cross Site Request Forgery (CSRF) vulnerability in MetInfo 6.1.3 via a doaddsave action in admin/index.php. | ||||
| CVE-2020-18155 | 1 Intelliants | 1 Subrion | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in Subrion CMS v4.2.1 in the search page if a website uses a PDO connection. | ||||
| CVE-2020-18151 | 1 Thinkcmf | 1 Thinkcmf | 2024-11-21 | 6.5 Medium |
| Cross Site Request Forgery (CSRF) vulnerability in ThinkCMF v5.1.0, which can add an admin account. | ||||
| CVE-2020-18145 | 1 Baidu | 1 Umeditor | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in umeditor v1.2.3 via /public/common/umeditor/php/getcontent.php. | ||||
| CVE-2020-18144 | 1 Ectouch | 1 Ectouch | 2024-11-21 | 9.8 Critical |
| SQL Injection Vulnerability in ECTouch v2 via the integral_min parameter in index.php. | ||||
| CVE-2020-18129 | 1 Eyoucms | 1 Eyoucms | 2024-11-21 | 8.8 High |
| A CSRF vulnerability in Eyoucms v1.2.7 allows an attacker to add an admin account via login.php. | ||||
| CVE-2020-18127 | 1 Indexhibit | 1 Indexhibit | 2024-11-21 | 6.5 Medium |
| An issue in the /config/config.php component of Indexhibit 2.1.5 allows attackers to arbitrarily view files. | ||||
| CVE-2020-18126 | 1 Indexhibit | 1 Indexhibit | 2024-11-21 | 5.4 Medium |
| Multiple stored cross-site scripting (XSS) vulnerabilities in the Sections module of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML. | ||||
| CVE-2020-18125 | 1 Indexhibit | 1 Indexhibit | 2024-11-21 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability in the /plugin/ajax.php component of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML. | ||||
| CVE-2020-18124 | 1 Indexhibit | 1 Indexhibit | 2024-11-21 | 5.7 Medium |
| A cross-site request forgery (CSRF) vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily reset account passwords. | ||||