92405 matches found
Oracle iPlanet Web Server 7.0.x - Authentication Bypass
Oracle iPlanet Web Server 7.0.x has incorrect access control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys. NOTE a related support policy can be found in the www.oracle.com references attached to this CVE. id:...
Artica Proxy Community Edition <4.30.000000 - Local File Inclusion
Artica Proxy Community Edition before 4.30.000000 is vulnerable to local file inclusion via the fw.progrss.details.php popup parameter. id: CVE-2020-13158 info: name: Artica Proxy Community Edition 4.30.000000 - Local File Inclusion author: 0xAkoko severity: high description: Artica Proxy Communi...
Artica Web Proxy 4.30 - OS Command Injection
Artica Web Proxy 4.30 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via servicecmdspeform. id: CVE-2020-17505 info: name: Artica Web Proxy 4.30 - OS Command Injection author: dwisiswant0...
SEOWON INTECH SLC-130 & SLR-120S - Unauthenticated Remote Code Execution
SEOWON INTECH SLC-130 and SLR-120S devices allow remote code execution via the ipAddr parameter to the systemlog.cgi page. id: CVE-2020-17456 info: name: SEOWON INTECH SLC-130 & SLR-120S - Unauthenticated Remote Code Execution author: gy741,edoardottt severity: critical description: SEOWON INTECH...
WordPress PayPal Pro <1.1.65 - SQL Injection
WordPress PayPal Pro plugin before 1.1.65 is susceptible to SQL injection via the 'query' parameter which allows for any unauthenticated user to perform SQL queries with the results output to a web page in JSON format. id: CVE-2020-14092 info: name: WordPress PayPal Pro 1.1.65 - SQL Injection...
IBM Data Risk Manager - Authentication Bypass via SAML
IBM Data Risk Manager versions 2.0.1 through 2.0.6 are vulnerable to authentication bypass when configured with SAML authentication. A remote attacker can bypass security restrictions by sending a specially crafted HTTP request to the SAML idpSelection endpoint, allowing them to bypass the...
CVE-2020-3961
creationtimestamp| type| source ---|---|--- 2026-07-12 22:00:18+00:00| seen| https://t.me/pleyadesit/6702 2026-07-13 00:00:41+00:00| seen| https://t.me/pleyadesit/6702 2026-07-14 00:00:49+00:00| seen| https://t.me/pleyadesit/6702...
CVE-2020-1341
creationtimestamp| type| source ---|---|--- 2026-07-12 22:00:17+00:00| seen| https://t.me/pleyadesit/6998 2026-07-13 00:00:41+00:00| seen| https://t.me/pleyadesit/6998 2026-07-14 00:00:49+00:00| seen| https://t.me/pleyadesit/6998...
CVE-2020-15499
creationtimestamp| type| source ---|---|--- 2026-07-12 22:00:17+00:00| seen| https://t.me/pleyadesit/7081 2026-07-13 00:00:41+00:00| seen| https://t.me/pleyadesit/7081 2026-07-14 00:00:49+00:00| seen| https://t.me/pleyadesit/7081...
CVE-2020-15896
creationtimestamp| type| source ---|---|--- 2026-07-12 22:00:17+00:00| seen| https://t.me/pleyadesit/7083 2026-07-13 00:00:41+00:00| seen| https://t.me/pleyadesit/7083 2026-07-14 00:00:50+00:00| seen| https://t.me/pleyadesit/7083...
CVE-2020-5777
creationtimestamp| type| source ---|---|--- 2026-07-12 22:00:17+00:00| seen| https://t.me/pleyadesit/7444 2026-07-13 00:00:41+00:00| seen| https://t.me/pleyadesit/7444 2026-07-14 00:00:51+00:00| seen| https://t.me/pleyadesit/7444...
CVE-2020-15892
creationtimestamp| type| source ---|---|--- 2026-07-12 22:00:17+00:00| seen| https://t.me/pleyadesit/7083 2026-07-13 00:00:41+00:00| seen| https://t.me/pleyadesit/7083 2026-07-14 00:00:50+00:00| seen| https://t.me/pleyadesit/7083...
CVE-2020-15299
creationtimestamp| type| source ---|---|--- 2026-07-12 22:00:17+00:00| seen| https://t.me/pleyadesit/6928 2026-07-13 00:00:41+00:00| seen| https://t.me/pleyadesit/6928 2026-07-14 00:00:49+00:00| seen| https://t.me/pleyadesit/6928...
CVE-2020-15895
creationtimestamp| type| source ---|---|--- 2026-07-12 22:00:17+00:00| seen| https://t.me/pleyadesit/7083 2026-07-13 00:00:41+00:00| seen| https://t.me/pleyadesit/7083 2026-07-14 00:00:50+00:00| seen| https://t.me/pleyadesit/7083...
CVE-2020-24436
creationtimestamp| type| source ---|---|--- 2026-07-12 22:00:16+00:00| seen| https://t.me/pleyadesit/7890 2026-07-13 00:00:40+00:00| seen| https://t.me/pleyadesit/7890 2026-07-14 00:00:51+00:00| seen| https://t.me/pleyadesit/7890...
CVE-2020-10567
creationtimestamp| type| source ---|---|--- 2026-07-12 11:00:03+00:00| seen| https://t.me/GithubRedTeam/87991 2026-07-13 00:00:45+00:00| seen| https://t.me/GithubRedTeam/87991...
SaltStack <=3002 - Shell Injection
SaltStack Salt through 3002 allows an unauthenticated user with network access to the Salt API to use shell injections to run code on the Salt-API using the SSH client. id: CVE-2020-16846 info: name: SaltStack =3003 to mitigate this vulnerability. reference: -...
EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution
EyesOfNetwork 5.1 to 5.3 contains SQL injection and remote code execution vulnerabilities. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. See also CVE-2020-8655,...
Apache Airflow <=1.10.10 - Remote Code Execution
Apache Airflow versions 1.10.10 and below are vulnerable to remote code/command injection vulnerabilities in one of the example DAGs shipped with Airflow. This could allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler depending on the executor in us...
D-Link DCS-2530L/DCS-2670L - Administrator Password Disclosure
D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices are vulnerable to password disclosures vulnerabilities because the /config/getuser endpoint allows for remote administrator password disclosure. id: CVE-2020-25078 info: name: D-Link DCS-2530L/DCS-2670L - Administrator...