BIT-TEMPORAL-2023-3485 Insecure Default Authorization in Temporal Server

Insecure defaults in open-source Temporal Server before version 1.20 on all platforms allows an attacker to craft a task token with access to a namespace other than the one specified in the request. Creation of this task token must be done outside of the normal Temporal server flow. It requires t...

CVE-2015-9385

The quotes-and-tips plugin before 1.20 for WordPress has XSS...

HPE Moonshot Provisioning Manager Path Traversal Vulnerability

A path traversal vulnerability in HPE Moonshot Provisioning Manager prior to v1.20, which stems from incorrectly handling user input that results in traversing a directory triggering khuploadfile.cgi, can be exploited by an attacker to cause remote code execution, denial of service, and/or...

D-link IP camera DCS-2103 with firmware cross-site scripting vulnerability

D-link IP camera DCS-2103 is a camera for IP surveillance solution. A cross-site scripting vulnerability exists in D-link IP camera DCS-2103 with firmware versions prior to 1.20, which allows remote attackers to inject arbitrary web script or HTML via the QUERYSTRING parameter in vb.htm...

DEBIAN-CVE-2003-0832

Directory traversal vulnerability in webfs before 1.20 allows remote attackers to read arbitrary files via .. dot dot sequences in a Hostname header...