19 matches found
CVE-2020-23620
The Java Remote Management Interface of all versions of Orlansoft ERP was discovered to contain a vulnerability due to insecure deserialization of user-supplied content, which can allow attackers to execute arbitrary code via a crafted serialized Java object...
CVE-2025-23620
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in trof Captchelfie – Captcha by Selfie captchelfie-captcha-by-selfie allows Reflected XSS. This issue affects Captchelfie – Captcha by Selfie: from n/a through <= 1.0.7...
CVE-2025-23620 WordPress Captchelfie – Captcha by Selfie plugin <= 1.0.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in trof Captchelfie – Captcha by Selfie captchelfie-captcha-by-selfie allows Reflected XSS. This issue affects Captchelfie – Captcha by Selfie: from n/a through <= 1.0.7...
CVE-2025-23620 WordPress Captchelfie – Captcha by Selfie plugin <= 1.0.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in trof Captchelfie – Captcha by Selfie captchelfie-captcha-by-selfie allows Reflected XSS. This issue affects Captchelfie – Captcha by Selfie: from n/a through <= 1.0.7...
CVE-2024-23620
creationtimestamp | type | source
---|---|---
2024-01-26 01:31:32+00:00 | seen | https://t.me/ctinow/173916
2024-02-18 20:16:15+00:00 | seen | https://t.me/ctinow/187356
...
CVE-2024-23620
An improper privilege management vulnerability exists in IBM Merge Healthcare eFilm Workstation. A local, authenticated attacker can exploit this vulnerability to escalate privileges to SYSTEM...
CVE-2024-23620
An improper privilege management vulnerability exists in IBM Merge Healthcare eFilm Workstation. A local, authenticated attacker can exploit this vulnerability to escalate privileges to SYSTEM...
CVE-2024-23620
CVE-2024-23620 describes an improper privilege management vulnerability in IBM Merge Healthcare eFilm Workstation. The issue allows a local, authenticated attacker to escalate privileges to SYSTEM, due to faulty privilege handling within the software. Affected product: IBM Merge Healthcare eFilm ...
CVE-2023-23620
Discourse (open-source discussion platform) has a vulnerability where contents of latest/top routes for restricted tags could be accessed by unauthorized users. Affected versions are prior to 3.0.1 on the stable branch and prior to 3.1.0.beta2 on the beta/tests-passed branches. The issue is patch...
CVE-2023-23620 Discourse restricted tag routes leak topic information
Discourse is an open-source discussion platform. Prior to version 3.0.1 on the stable branch and 3.1.0.beta2 on the beta and tests-passed branches, the contents of latest/top routes for restricted tags can be accessed by unauthorized users. This issue is patched in version 3.0.1 on the stable...
CVE-2020-23620
creationtimestamp | type | source
---|---|---
2022-05-03 02:28:17+00:00 | seen | https://t.me/cibsecurity/41786
...
CVE-2020-23620
The Java Remote Management Interface of all versions of Orlansoft ERP was discovered to contain a vulnerability due to insecure deserialization of user-supplied content, which can allow attackers to execute arbitrary code via a crafted serialized Java object...
CVE-2020-23620
The CVE-2020-23620 entry concerns Orlansoft ERP’s Java Remote Management Interface, with a vulnerability caused by insecure deserialization of user-supplied content. This allows an attacker to execute arbitrary Java code by submitting a crafted serialized object. Multiple connected documents (inc...
CVE-2020-23620
The Java Remote Management Interface of all versions of Orlansoft ERP was discovered to contain a vulnerability due to insecure deserialization of user-supplied content, which can allow attackers to execute arbitrary code via a crafted serialized Java object...
CVE-2022-23620
CVE-2022-23620 (XWiki Platform) describes a path traversal vulnerability in affected versions where AbstractSxExportURLFactoryActionHandler#processSx fails to escape SSX document references during HTML export. This allows reference elements containing filesystem syntax (e.g., ../, ./, /) to be se...
CVE-2022-23620 Path traversal in xwiki-platform-skin-skinx
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions, AbstractSxExportURLFactoryActionHandler#processSx does not escape anything from SSX document references when serializing them on the filesystem, so it is possible for the HTML...
ACDSee - '.XPM' File Section Buffer Overflow (Metasploit)
$Id: acdseexpm.rb 10477 2010-09-25 11:59:02Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ requi...
ACDSee XPM File Section Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'ACDSee XPM File...
ACDSee XPM File Section Buffer Overflow
This module exploits a buffer overflow in ACDSee 9.0. When viewing a malicious XPM file with the ACDSee product, a remote attacker could overflow a buffer and execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...