ThemeREX Addons - Remote Code Execution

ThemeREX Addons plugin before 2020-03-09 for WordPress contains an access control vulnerability in the /trxaddons/v2/get/sclayout REST API endpoint, allowing any users to execute PHP functions because includes/plugin.rest-api.php calls trxaddonsrestgetsclayout with an unsafe sc parameter, letting...

Apache Unomi <1.5.2 - Remote Code Execution

Apache Unomi allows conditions to use OGNL and MVEL scripting which offers the possibility to call static Java classes from the JDK that could execute code with the permission level of the running Java process. This vulnerability affects all versions of Apache Unomi prior to 1.5.2. id:...

Agentejo Cockpit 0.10.2 - Cross-Site Scripting

Agentejo Cockpit 0.10.2 contains a reflected cross-site scripting vulnerability due to insufficient sanitization of the to parameter in the /auth/login route, which allows for injection of arbitrary JavaScript code into a web page's content. id: CVE-2020-14408 info: name: Agentejo Cockpit 0.10.2 ...

Apache APISIX - Insufficiently Protected Credentials

Apache APISIX 1.2, 1.3, 1.4, and 1.5 is susceptible to insufficiently protected credentials. An attacker can enable the Admin API and delete the Admin API access IP restriction rules. Eventually, the default token is allowed to access APISIX management data. id: CVE-2020-13945 info: name: Apache...

NeDi 1.9C - Cross-Site Scripting

NeDi 1.9C is vulnerable to cross-site scripting because of an incorrect implementation of sanitize in inc/libmisc.php. This function attempts to escape the SCRIPT tag from user-controllable values, but can be easily bypassed, as demonstrated by an onerror attribute of an IMG element as a...

Intelbras TIP 200/200 LITE/300 - Local File Inclusion

Intelbras TIP 200 60.61.75.15, TIP 200 LITE 60.61.75.15, and TIP 300 65.61.75.22 are vulnerable to local file inclusion via the 'page' parameter in /cgi-bin/cgiServer.exx, allowing unauthenticated attackers to read arbitrary files such as /etc/passwd. id: CVE-2020-13886 info: name: Intelbras TIP...

rConfig 3.9.4 - Cross-Site Scripting

rConfig 3.9.4 is vulnerable to reflected XSS. The configDevice.php file improperly validates user input. An attacker can exploit this vulnerability by crafting arbitrary JavaScript in the rid GET parameter of devicemgmnt.php id: CVE-2020-12259 info: name: rConfig 3.9.4 - Cross-Site Scripting...

Extreme Management Center 8.4.1.24 - Cross-Site Scripting

Extreme Management Center 8.4.1.24 contains a cross-site scripting vulnerability via a parameter in a GET request. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication...

PRTG Network Monitor <20.1.57.1745 - Information Disclosure

PRTG Network Monitor before 20.1.57.1745 is susceptible to information disclosure. An attacker can obtain information about probes running or the server itself via an HTTP request, thus potentially being able to modify data and/or execute unauthorized administrative operations in the context of t...

TeamPass 2.1.27.36 - Improper Authentication

TeamPass 2.1.27.36 is susceptible to improper authentication. An attacker can retrieve files from the TeamPass web root, which may include backups or LDAP debug files, and therefore possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-12478 info...

wpDiscuz <= 5.3.5 - SQL Injection

A SQL injection issue in the gVectors wpDiscuz plugin 5.3.5 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the order parameter of a wpdLoadMoreComments request. id: CVE-2020-13640 info: name: wpDiscuz = 5.3.5 - SQL Injection author: Sourabh-Sahu severity:...

Rank Math SEO <= 1.0.40.2 - Redirect Creation via Unprotected REST API Endpoint

The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to create new URIs that redirect to an external web site via the unsecured rankmath/v1/updateRedirection REST API endpoint. In other words, this is not an "Open Redirect" issue; instead, it allows the...

Nova Lite < 1.3.9 - Cross-Site Scripting

Nova Lite before 1.3.9 for WordPress is susceptible to reflected cross-site scripting via search.php. id: CVE-2020-17362 info: name: Nova Lite 1.3.9 - Cross-Site Scripting author: daffainfo severity: medium description: Nova Lite before 1.3.9 for WordPress is susceptible to reflected cross-site...

OPNsense <=20.1.5 - Open Redirect

OPNsense through 20.1.5 contains an open redirect vulnerability via the url redirect parameter in the login page, which is not filtered. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id:...

RosarioSIS 6.7.2 - Cross-Site Scripting

RosarioSIS version 6.7.2 and earlier contains a reflected cross-site scripting XSS vulnerability in the Preferences module. The 'tab' parameter in Modules.php is not properly sanitized, allowing an attacker to inject arbitrary JavaScript code via a crafted URL. id: CVE-2020-15718 info: name:...

Mara CMS 7.5 - Cross-Site Scripting

Mara CMS 7.5 allows reflected cross-site scripting in contact.php via the theme or pagetheme parameters. id: CVE-2020-24223 info: name: Mara CMS 7.5 - Cross-Site Scripting author: pikpikcu severity: medium description: Mara CMS 7.5 allows reflected cross-site scripting in contact.php via the them...

ThinkCMF X2.2.2 - Remote Code Execution

ThinkCMF X2.2.2 and below contain a remote code execution caused by processing crafted packets, letting attackers execute arbitrary code remotely, exploit requires sending malicious packets. id: CVE-2020-20601 info: name: ThinkCMF X2.2.2 - Remote Code Execution author: pikpikcu severity: critical...

Yii 2 < 2.0.38 - Remote Code Execution

Yii 2 yiisoft/yii2 before version 2.0.38 is vulnerable to remote code execution if the application calls unserialize on arbitrary user input. id: CVE-2020-15148 info: name: Yii 2 2.0.38 - Remote Code Execution author: pikpikcu severity: critical description: Yii 2 yiisoft/yii2 before version 2.0....

shadoweb wdja v1.5.1 - Cross-Site Scripting

shadoweb wdja v1.5.1 is susceptible to cross-site scripting because it allows attackers to execute arbitrary code and gain escalated privileges via the backurl parameter to /php/passport/index.php. id: CVE-2020-20982 info: name: shadoweb wdja v1.5.1 - Cross-Site Scripting author:...

74cms - ajax_officebuilding.php SQL Injection

A SQL injection vulnerability exists in 74cms 3.2.0 via the x parameter to ajaxofficebuilding.php. id: CVE-2020-22210 info: name: 74cms - ajaxofficebuilding.php SQL Injection author: ritikchaddha severity: critical description: | A SQL injection vulnerability exists in 74cms 3.2.0 via the x...