CVE-2020-6117

SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The bday parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2020-16205

Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code Firmware Versions 1.12.0.25 and prior as well as the limited Versions 1.12.13.2 and 1.12.14.5. Recent assessments: gwillcox-r7 at November 25, 2020 5:11pm UTC reported: The serv...

CVE-2020-3521

A vulnerability in a specific REST API of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the API. An attacker...

PT-2020-3709 · Microsoft · Sharepoint Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Description: A cross-site-scripting XSS issue exists due to improper sanitization of specially crafted web requests by Microsoft SharePoint Server. An authenticated attacker could...

Code injection

rConfig 3.9.5 could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a crafted request to the ajaxGetFileByPath.php script containing hexadecimal encoded "dot dot" sequences %2f..%2f in the path parameter to view arbitrary files on the system...

CVE-2020-15120

In "I hate money" before version 4.1.5, an authenticated member of one project can modify and delete members of another project, without knowledge of this other project's private code. This can be further exploited to access all bills of another project without knowledge of this other project's...

CVE-2020-15120

CVE-2020-15120 concerns I hate money prior to 4.1.5, where an authenticated member of one project could modify or delete members of another project and access all bills of that project. Root cause involves insufficient project-scoped checks, enabling cross-project membership alterations once an a...

CVE-2020-10600

CVE-2020-10600 affects OSIsoft PI System: a NULL pointer dereference vulnerability in the PI Archive Subsystem can be triggered by an authenticated remote attacker under memory pressure, potentially blocking queries to the PI Data Archive (2018 SP2 and earlier). The vulnerability is documented wi...

CVE-2020-12028

CVE-2020-12028 affects Rockwell Automation FactoryTalk View SE SCADA (FactoryTalk View SEA remote). The issue arises from handlers that do not enforce permissions, enabling an attacker to interact with remote endpoint data. Exploitation is described as an unauthenticated/remote chain of vulnerabi...

CVE-2020-5768

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 allows a remote, authenticated attacker to determine the value of database fields...

PT-2020-3112 · Cisco · Cisco Sd-Wan Vmanage

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN vManage Software affected versions not specified Description: The issue is related to a lack of proper validation of files uploaded to an affected device, allowing an authenticated, remote attacker to conduct directory traversal...

Cisco Application Services Engine Access Control Error Vulnerability

Cisco Application Services Engine is the United States Cisco Cisco company's set of common platform for the deployment of Cisco data center applications. The keystore in Cisco Application Services Engine versions prior to 1.1.2.20 is vulnerable to an Access Control Error vulnerability that stems...

CVE-2020-3267

A vulnerability in the API subsystem of Cisco Unified Contact Center Express Unified CCX could allow an authenticated, remote attacker to change the availability state of any agent. The vulnerability is due to insufficient authorization enforcement on an affected system. An attacker could exploit...

WordPress JobCareer Plugin Information Disclosure (CVE-2018-19487)

An Information Disclosure vulnerability exists in JobCareer plugin. A remote authenticated attacker may exploit this vulnerability to enumerate information about users...

CVE-2020-4430

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to download arbitrary files from the system. IBM X-Force ID: 180535...

CVE-2019-19223

A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an attacker to reboot the router by submitting a reboot.html GET request without being authenticated on the admin interface...

Design/Logic Flaw

On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI syscmd.htm is not available. This allows for full control over the device's internals. This affects A3002RU through...

Cisco SD-WAN Solution SQL Injection Vulnerability

Cisco SD-WAN Solution is a suite of network extension solutions from Cisco, of which vManage is the console. An SQL injection vulnerability exists in the web interface of Cisco SD-WAN Solution vManage. The vulnerability stems from insufficient validation of user-supplied input. A remote...

DEBIAN-CVE-2019-16780

WordPress users with lower privileges like contributors can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an admin opens the post in the editor. Execution of this attack does require an authenticated user. This...

Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write (cisco-sa-20180926-ir800-memwrite)

According to its self-reported version, Cisco IOS is affected by arbitrary memory write vulnerabilities in the embedded test subsystem due to the presence of certain test commands that were intended to be available only in internal development builds of the affected software. An authenticated,...