2125 matches found
CVE-2020-5979
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which a user is presented with a dialog box for input by a high-privilege process, which may lead to escalation of privileges...
Vulnerability fixed in PowerDNS
A vulnerability has been fixed in PowerDNS. The vulnerability allows an authenticated malicious person with access to the control panel or the REST API to gain access to system data. obtain. PowerDNS has released updates to fix the vulnerability. More information can be found on the page below:...
cPanel Privilege Management Vulnerability
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in cPanel versions prior to 88.03, which stems from having weak privileges globally readable to t...
powerdns -- Leaking uninitialised memory through crafted zone records
PowerDNS Team reports CVE-2020-17482: An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory. Such a user could be a customer inserting data via...
vBulletin Cross-Site Scripting Vulnerability (CNVD-2020-50937)
vBulletin is a suite of forum programs that can be customized to suit your needs. A cross-site scripting vulnerability exists in the Admin CP of vBulletin 5.6.3. The vulnerability can be exploited to conduct a cross-site scripting attack via the headings of the sub-help items in the "Login/Logout...
vBulletin Cross-Site Scripting Vulnerability (CNVD-2020-50938)
vBulletin is a suite of forum programs that can be customized to suit your needs. A cross-site scripting vulnerability exists in the Admin CP in vBulletin 5.6.3. The vulnerability can be exploited to conduct cross-site scripting attacks via the admincp/search.php?do=dosearch URI...
vBulletin Cross-Site Scripting Vulnerability (CNVD-2020-50936)
vBulletin is a suite of forum programs that can be customized to suit your needs. A cross-site scripting vulnerability exists in the Admin CP in vBulletin 5.6.3. The vulnerability can be exploited by an attacker to conduct a cross-site scripting attack via the Style Manager's Style Options Settin...
vBulletin Cross-Site Scripting Vulnerability (CNVD-2020-50940)
vBulletin is a suite of forum programs that can be customized to suit your needs. A cross-site scripting vulnerability exists in the Admin CP in vBulletin 5.6.3. The vulnerability can be exploited by an attacker to conduct a cross-site scripting attack via the Smilie title of Smilies Manager...
vBulletin Cross-Site Scripting Vulnerability (CNVD-2020-50939)
vBulletin is a suite of forum programs that can be customized to suit your needs. A cross-site scripting vulnerability exists in the Admin CP of vBulletin 5.6.3. The vulnerability can be exploited to conduct cross-site scripting attacks via the "Pay to subscribe to email notifications" field in t...
vBulletin Cross-Site Scripting Vulnerability (CNVD-2020-50935)
vBulletin is a suite of forum programs that can be customized to suit your needs. A cross-site scripting vulnerability exists in the Admin CP in vBulletin 5.6.3. The vulnerability can be exploited by an attacker to conduct a cross-site scripting attack via the Junior Member Title in the User Titl...
CVE-2020-25124
The Admin CP in vBulletin 5.6.3 allows XSS via an admincp/attachment.php&do=rebuild&type= URI...
CVE-2020-25124
The Admin CP in vBulletin 5.6.3 allows XSS via an admincp/attachment.php&do=rebuild&type= URI...
CVE-2020-25117
The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title to User Title Manager...
CVE-2020-25116
The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager...
CVE-2020-25120
The Admin CP in vBulletin 5.6.3 allows XSS via the admincp/search.php?do=dosearch URI...
CVE-2020-25122
The Admin CP in vBulletin 5.6.3 allows XSS via a Rank Type to User Rank Manager...
CVE-2020-25118
The Admin CP in vBulletin 5.6.3 allows XSS via a Style Options Settings Title to Styles Manager...
Design/Logic Flaw
The Admin CP in vBulletin 5.6.3 allows XSS via an admincp/attachment.php&do=rebuild&type= URI...
ExpressionEngine: SQL injection at /admin.php?/cp/members/create
SQL injection vulnerability in the control panel. This is limited to users who have access to the control panel, and the ability to create members...
Azbuka Vkusa: Unauthorized access to choice.av.ru control panel
Closed...