184 matches found
ELEX WooCommerce Google Shopping < 1.2.4 - Reflected Cross-Site Scripting (XSS)
The plugin does not sanitise or escape the search GET parameter before outputting back in the page, leading to a reflected Cross-Site Scripting issue, which will be executed in a logged in admin context https://example.com/wp-admin/admin.php?page=elex-product-feed-manage&search="alert/XSS/...
CVE-2020-9527
Firmware developed by Shenzhen Hichip Vision Technology V6 through V20, after 2018-08-09 through 2020, as used by many different vendors in millions of Internet of Things devices, suffers from buffer overflow vulnerability that allows unauthenticated remote attackers to execute arbitrary code via...
CVE-2020-9527
Firmware developed by Shenzhen Hichip Vision Technology V6 through V20, after 2018-08-09 through 2020, as used by many different vendors in millions of Internet of Things devices, suffers from buffer overflow vulnerability that allows unauthenticated remote attackers to execute arbitrary code via...
Advantech WebAccess
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow remote code execution. 3. TECHNICAL DETAILS 3.1...