Export limit exceeded: 364271 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364271 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-37089 | 1 Arox | 1 School Erp Pro | 2026-03-05 | 8.2 High |
| School ERP Pro 1.0 contains a SQL injection vulnerability in the 'es_messagesid' parameter that allows attackers to manipulate database queries through GET requests. Attackers can exploit the vulnerable parameter by injecting crafted SQL statements to potentially extract, modify, or delete database information. | ||||
| CVE-2020-37088 | 1 Arox | 1 School Erp Pro | 2026-03-05 | 7.5 High |
| School ERP Pro 1.0 contains a file disclosure vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the 'document' parameter in download.php. Attackers can access sensitive configuration files by supplying directory traversal paths to retrieve system credentials and configuration information. | ||||
| CVE-2020-37084 | 1 Arox | 1 School Erp Pro | 2026-03-05 | 7.2 High |
| School ERP Pro 1.0 contains a remote code execution vulnerability that allows authenticated admin users to upload arbitrary PHP files as profile photos by bypassing file extension checks. Attackers can exploit improper file validation in pre-editstudent.inc.php to execute arbitrary code on the server. | ||||
| CVE-2020-37082 | 1 Weberp | 1 Weberp | 2026-03-05 | 9.8 Critical |
| webERP 4.15.1 contains an unauthenticated file access vulnerability that allows remote attackers to download database backup files without authentication. Attackers can directly access generated backup files in the companies/weberp/ directory by requesting the Backup_[timestamp].sql.gz file. | ||||
| CVE-2020-37079 | 2 Wftpserver, Winftp Server | 2 Wing Ftp Server, Winftp Server | 2026-03-05 | 4.3 Medium |
| Wing FTP Server versions prior to 6.2.7 contain a cross-site request forgery (CSRF) vulnerability in the web administration interface that allows attackers to delete admin users. Attackers can craft a malicious HTML page with a hidden form to submit a request that deletes the administrative user account without proper authorization. | ||||
| CVE-2020-37054 | 1 Naviwebs | 1 Navigate Cms | 2026-03-05 | 4.3 Medium |
| Navigate CMS 2.8.7 contains a cross-site request forgery vulnerability that allows attackers to upload malicious extensions through a crafted HTML page. Attackers can trick authenticated administrators into executing arbitrary file uploads by leveraging the extension upload functionality without additional validation. | ||||
| CVE-2020-37053 | 1 Naviwebs | 1 Navigate Cms | 2026-03-05 | 7.1 High |
| Navigate CMS 2.8.7 contains an authenticated SQL injection vulnerability that allows attackers to leak database information by manipulating the 'sidx' parameter in comments. Attackers can exploit the vulnerability to extract user activation keys by using time-based blind SQL injection techniques, potentially enabling password reset for administrative accounts. | ||||
| CVE-2020-37044 | 2 Citeum, Opencti-platform | 2 Opencti, Opencti | 2026-03-05 | 5.4 Medium |
| OpenCTI 3.3.1 is vulnerable to a reflected cross-site scripting (XSS) attack via the /graphql endpoint. An attacker can inject arbitrary JavaScript code by sending a crafted GET request with a malicious payload in the query string, leading to execution of JavaScript in the victim's browser. For example, a request to /graphql?'"--></style></scRipt><scRipt>alert('Raif_Berkay')</scRipt> will trigger an alert. This vulnerability was discovered by Raif Berkay Dincel and confirmed on Linux Mint and Windows 10. | ||||
| CVE-2020-37041 | 2 Citeum, Opencti-platform | 2 Opencti, Opencti | 2026-03-05 | 7.5 High |
| OpenCTI 3.3.1 is vulnerable to a directory traversal attack via the static/css endpoint. An unauthenticated attacker can read arbitrary files from the filesystem by sending crafted GET requests with path traversal sequences (e.g., '../') in the URL. For example, requesting /static/css//../../../../../../../../etc/passwd returns the contents of /etc/passwd. This vulnerability was discovered by Raif Berkay Dincel and confirmed on Linux Mint and Windows 10. | ||||
| CVE-2020-37032 | 1 Wftpserver | 1 Wing Ftp Server | 2026-03-05 | 8.8 High |
| Wing FTP Server 6.3.8 contains a remote code execution vulnerability in its Lua-based web console that allows authenticated users to execute system commands. Attackers can leverage the console to send POST requests with malicious commands that trigger operating system execution through the os.execute() function. | ||||
| CVE-2020-37007 | 1 Salihciftci | 1 Liman | 2026-03-05 | 5.3 Medium |
| Liman 0.7 contains a cross-site request forgery vulnerability that allows attackers to manipulate user account settings without proper request validation. Attackers can craft malicious HTML forms to change user passwords or modify account information by tricking logged-in users into submitting unauthorized requests. | ||||
| CVE-2020-36993 | 1 Limesurvey | 1 Limesurvey | 2026-03-05 | 5.4 Medium |
| LimeSurvey 4.3.10 contains a stored cross-site scripting vulnerability in the Survey Menu functionality of the administration panel. Attackers can inject malicious SVG scripts through the Surveymenu[title] and Surveymenu[parent_id] parameters to execute arbitrary JavaScript in administrative contexts. | ||||
| CVE-2020-36972 | 1 Smartdatasoft | 1 Smartblog | 2026-03-05 | 8.2 High |
| SmartBlog 2.0.1 contains a blind SQL injection vulnerability in the 'id_post' parameter of the details controller that allows attackers to extract database information. Attackers can systematically test and retrieve database contents by injecting crafted SQL queries that compare character-by-character of database information. | ||||
| CVE-2020-36969 | 1 Tildeslash | 2 M\/monit, Monit | 2026-03-05 | 8.8 High |
| M/Monit 3.7.4 contains a privilege escalation vulnerability that allows authenticated users to modify user permissions by manipulating the admin parameter. Attackers can send a POST request to the /api/1/admin/users/update endpoint with a crafted payload to grant administrative access to a standard user account. | ||||
| CVE-2020-36968 | 1 Tildeslash | 2 M\/monit, Monit | 2026-03-05 | 6.5 Medium |
| M/Monit 3.7.4 contains an authentication vulnerability that allows authenticated attackers to retrieve user password hashes through an administrative API endpoint. Attackers can send requests to the /api/1/admin/users/list and /api/1/admin/users/get endpoints to extract MD5 password hashes for all users. | ||||
| CVE-2020-36962 | 1 Tendenci | 1 Tendenci | 2026-03-05 | 9.8 Critical |
| Tendenci 12.3.1 contains a CSV formula injection vulnerability in the contact form message field that allows attackers to inject malicious formulas during export. Attackers can submit crafted payloads like '=10+20+cmd|' /C calc'!A0' in the message field to trigger arbitrary command execution when the CSV is opened in spreadsheet applications. | ||||
| CVE-2020-36947 | 1 Librenms | 1 Librenms | 2026-03-05 | 7.1 High |
| LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve sensitive database contents through time-based blind SQL injection. | ||||
| CVE-2020-36944 | 1 Ilias | 2 Ilias, Learning Management System | 2026-03-05 | 4 Medium |
| ILIAS Learning Management System 4.3 contains a server-side request forgery vulnerability that allows attackers to read local files through portfolio PDF export functionality. Attackers can inject a script that uses XMLHttpRequest to retrieve local file contents when the portfolio is exported to PDF. | ||||
| CVE-2020-36930 | 1 Flexense | 1 Sysgauge | 2026-03-05 | 7.8 High |
| SysGauge Server 7.9.18 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\SysGauge Server\bin\sysgaus.exe' to inject malicious executables and escalate privileges. | ||||
| CVE-2020-36927 | 1 Flexense | 1 Diskpulse | 2026-03-05 | 7.8 High |
| DiskPulse Enterprise 13.6.14 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Pulse Enterprise\bin\diskpls.exe' to inject malicious executables and escalate privileges. | ||||