2470943 matches found
Zend Server <9.13 - Cross-Site Scripting
Zend Server before version 9.13 is vulnerable to cross-site scripting via the debughost parameter. id: CVE-2018-10230 info: name: Zend Server 9.13 - Cross-Site Scripting author: marcosiaf severity: medium description: | Zend Server before version 9.13 is vulnerable to cross-site scripting via the...
D-Link Routers - Local File Inclusion
D-Link routers DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02,DWR-512 through 2.02,DWR-712 through 2.02,DWR-912 through 2.02, DWR-921 through 2.02, DWR-111 through 1.01, and probably others with the same type of firmware allows remote attackers to read arbitrary files via a /...
Monstra CMS <=3.0.4 - Cross-Site Scripting
Monstra CMS 3.0.4 and earlier contains a cross-site scripting vulnerability via index.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch...
D-Link Routers - Remote Command Injection
D-Link DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 device may allow an authenticated attacker to execute arbitrary code by injecting the shell command into the chkisg.htm page Sip parameter. This allows for...
WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting
WordPress HDW Video Gallery 1.2 and before contains a cross-site scripting vulnerability via playlist.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...
WordPress forget-about-shortcode-buttons 1.1.1 - Cross-Site Scripting
Wordpress plugin forget-about-shortcode-buttons 1.1.1 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...
WordPress e-search <=1.0 - Cross-Site Scripting
Wordpress plugin e-search 1.0 and before contains a cross-site scripting vulnerability via dateselect.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...
WordPress Kaswara Modern VC Addons <=3.0.1 - Arbitrary File Upload
WordPress Kaswara Modern VC Addons plugin through 3.0.1 is susceptible to an arbitrary file upload. The plugin allows unauthenticated arbitrary file upload via the uploadFontIcon AJAX action, which can be used to obtain code execution. The supplied zipfile is unzipped in the...
SkyWalking SQLI
When using H2/MySQL/TiDB as Apache SkyWalking storage and a metadata query through GraphQL protocol, there is a SQL injection vulnerability which allows access to unexpected data. Apache SkyWalking 6.0.0 to 6.6.0, 7.0.0 H2/MySQL/TiDB storage implementations don't use the appropriate way to set SQ...
WordPress wpCentral <1.5.1 - Information Disclosure
WordPress wpCentral plugin before 1.5.1 is susceptible to information disclosure. An attacker can access the connection key for WordPress Admin account and thus potentially obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-9043 info: name: WordPress...
Jira Subversion ALM for Enterprise <8.8.2 - Cross-Site Scripting
Jira Subversion ALM for Enterprise before 8.8.2 contains a cross-site scripting vulnerability at multiple locations. id: CVE-2020-9344 info: name: Jira Subversion ALM for Enterprise 8.8.2 - Cross-Site Scripting author: madrobot severity: medium description: Jira Subversion ALM for Enterprise befo...
Buffalo WSR-2533DHPL2 - Configuration File Injection
The web interfaces of Buffalo WSR-2533DHPL2 firmware version = 1.02 and WSR-2533DHP3 firmware version = 1.24 does not properly sanitize user input. An authenticated remote attacker could leverage this vulnerability to alter device configuration, potentially leading to remote code execution. id:...
Citrix ShareFile StorageZones <=5.10.x - Arbitrary File Read
Citrix ShareFile StorageZones aka storage zones Controller versions through at least 5.10.x are susceptible to an unauthenticated arbitrary file read vulnerability. id: CVE-2020-8982 info: name: Citrix ShareFile StorageZones =5.10.x - Arbitrary File Read author: dwisiswant0 severity: high...
SonicWall SonicOS 7.0 - Open Redirect
SonicWall SonicOS 7.0 contains an open redirect vulnerability. The values of the Host headers are implicitly set as trusted. An attacker can spoof a particular host header, allowing the attacker to render arbitrary links, obtain sensitive information, modify data, execute unauthorized operations...
Smartstore <4.1.0 - Open Redirect
Smartstore aka "SmartStoreNET" before 4.1.0 contains an open redirect vulnerability via CommonController.ClearCache, ClearDatabaseCache, RestartApplication, and ScheduleTaskController.Edit. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data,...
MAGMI - Cross-Site Request Forgery
MAGMI Magento Mass Importer is vulnerable to cross-site request forgery CSRF due to a lack of CSRF tokens. Remote code execution via phpcli command is also possible in the event that CSRF is leveraged against an existing admin session. id: CVE-2020-5776 info: name: MAGMI - Cross-Site Request...
Canvas LMS v2020-07-29 - Blind Server-Side Request Forgery
Canvas version 2020-07-29 is susceptible to blind server-side request forgery. An attacker can cause Canvas to perform HTTP GET requests to arbitrary domains and thus potentially access sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-5775 info: name: Canva...
Spring Cloud Netflix - Server-Side Request Forgery
Spring Cloud Netflix 2.2.x prior to 2.2.4, 2.1.x prior to 2.1.6, and older unsupported versions are susceptible to server-side request forgery. Applications can use the Hystrix Dashboard proxy.stream endpoint to make requests to any server reachable by the server hosting the dashboard. An attacke...
CLink Office 2.0 - Cross-Site Scripting
CLink Office 2.0 is vulnerable to cross-site scripting in the index page of the management console and allows remote attackers to inject arbitrary web script or HTML via the lang parameter. id: CVE-2020-6171 info: name: CLink Office 2.0 - Cross-Site Scripting author: pikpikcu severity: medium...
PHPGurukul Hospital Management System - Cross-Site Scripting
PHPGurukul Hospital Management System in PHP 4.0 contains multiple cross-site scripting vulnerabilities. An attacker can execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. id: CVE-2020-5191 info: name: PHPGurukul Hospital Management System -...