13538 matches found
Cayin CMS Command Injection (CVE-2020-7357)
A command injection vulnerability exists in Cayin CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
ClearSite Beta Remote File Inclusion (CVE-2010-2145)
A remote file inclusion vulnerability exists in ClearSite Beta. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Gonitro Nitro Pro Integer Overflow (CVE-2020-6092)
An integer overflow vulnerability exists in Gonitro Nitro Pro. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
TP-LINK TL-WR849N Authentication Bypass (CVE-2019-19143)
An authentication bypass vulnerability exists in TP-LINK TL-WR849N. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...
AntennaHouse DMC HTMLFilter Memory Corruption (CVE-2016-8383)
A remote code execution vulnerability exists in AntennaHouse DMC HTMLFilter. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Oracle E-Business Suite HR Component Multiple Vulnerabilities (CVE-2016-0517)
A vulnerability exists in Oracle E-Business Suite. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Microsoft Windows Privilege Escalation (CVE-2016-0070)
An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Git LFS Remote Code Execution (CVE-2020-27955)
A remote code execution vulnerability exists in Git LFS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Tiki Wiki CMS Authentication Bypass (CVE-2020-15906)
An authentication bypass vulnerability exists in Tiki Wiki CMS. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...
rConfig Remote Code Execution (CVE-2020-13778)
A remote code execution vulnerability exists in rConfig. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
ASUS TM-AC1900 Command Injection
A command injection vulnerability exists in ASUS TM-AC1900. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
VBulletin Remote Code Execution (CVE-2020-7373)
A remote code execution vulnerability exists in VBulletin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Wordpress Yoast SEO Plugin Arbitrary File Upload
An arbitrary file upload vulnerability exists in Wordpress Yoast SEO Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Chrome Type Confusion (CVE-2020-16009)
A type confusion vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Seat Reservation System Arbitrary File Upload (CVE-2020-25763)
An arbitrary file upload vulnerability exists in Seat Reservation System. The vulnerability is due to improper validation of user supplied data in UploadAction. Successful exploitation could result in uploading potentially dangerous file which may lead to arbitrary code execution...
RAD SecFlow-1v Cross Site Request Forgery (CVE-2020-13259)
A cross site request forgery vulnerability exists in RAD SecFlow-1v. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Crestron Stack Overflow (CVE-2019-3930)
A stack overflow vulnerability exists in Crestron. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Amcrest Cameras Stack Buffer Overflow (CVE-2020-5735)
A buffer overflow vulnerability exists in Amcrest Cameras. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the affected system...
Amcrest Cameras Null Pointer Dereference (CVE-2020-5736)
A null pointer dereference vulnerability exists in Amcrest Cameras. Successful exploitation of this vulnerability could results in a crash leading to denial of service conditions...
WordPress OneMall Plugin Reflected Cross Site Scripting
A reflected cross site scripting vulnerability exists in WordPress OneMall Plugin. Successful exploitation of this vulnerability could allow attackers to execute arbitrary code on the affected system...
Crestron Authentication Bypass (CVE-2019-3932)
An authentication bypass vulnerability exists in Crestron. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...
TOTOLINK Realtek SDK Routers Authentication Bypass (CVE-2019-19825)
An authentication bypass vulnerability exists in TOTOLINK Realtek SDK Routers. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...
Citadel WebCit Cross Site Scripting (CVE-2020-27739)
A cross-site scripting vulnerability exists in Citadel WebCit. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
OpenMRS Cross-Site Scripting (CVE-2020-5730)
A cross-site scripting vulnerability exists in OpenMRS. Successful exploitation of this vulnerability could allow remote attackers to inject arbitrary web script into the affected system...
Winston Command Injection (CVE-2020-16257)
A command injection vulnerability exists in Winston. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Citrix XenMobile Server Directory Traversal (CVE-2020-8209)
A directory traversal vulnerability exists in Citrix XenMobile. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...
Joomla Publisher Component Persistent Cross-Site Scripting
A cross-site scripting vulnerability exists in Joomla Publisher Component. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Winston Cross Site Request Forgery (CVE-2020-16256)
A cross site request forgery vulnerability exists in Winston. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Sonatype Nexus Repository Stored Cross Site Scripting (CVE-2020-10203)
A cross-site scripting vulnerability exists in Sonatype Nexus Repository. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Inductive Automation Ignition Insecure Deserialization (CVE-2020-12004; CVE-2020-10644)
An insecure deserialization vulnerability exists in Inductive Automation Ignition. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Zoho ManageEngine Applications Manager Arbitrary File Upload (CVE-2020-14008)
An arbitrary file upload vulnerability exists in Zoho ManageEngine Applications Manager. The vulnerability is due to improper validation of user supplied data in UploadAction. Successful exploitation could result in uploading potentially dangerous file which may lead to arbitrary code execution...
WordPress NextGEN Gallery Plugin Cross-Site Scripting (CVE-2010-1186)
A script injection vulnerability exists in Alex rabe nextgen gallery 0.33. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Zoho ManageEngine Applications Manager SQL Injection (CVE-2020-27995)
A SQL injection vulnerability exists in the Zoho ManageEngine Applications Manager. The vulnerability is due to improper validation of user-supplied input in processing MyPage.do action...
SMA Solar Technology Sunny WebBox Cross-Site Request Forgery (CVE-2019-13529)
A cross-site request forgery vulnerability exists in SMA Solar Technology Sunny WebBox. A remote attacker can exploit this vulnerability by enticing a target authenticated user to visit a specially crafted page...
QNAP Photo Station Remote Code Execution (CVE-2019-7192; CVE-2019-7193; CVE-2019-7194; CVE-2019-7195)
A remote code execution vulnerability exists in QNAP NAS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CactuShop invoice.asp Cross-Site Scripting (CVE-2010-1486)
A cross-site scripting vulnerability exists in Cactushop cactushop 3. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Rebar3 Command Injection (CVE-2020-13802)
A command injection vulnerability exists in Rebar3. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Intelbras Wireless N Authentication Bypass (CVE-2019-19142)
An authentication bypass vulnerability exists in Intelbras Wireless N. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...
Ruckus IoT Controller Web UI Command Injection (CVE-2020-26878)
A remote command injection vulnerability exists in Ruckus IoT Controller Web UI. The vulnerability is due to improper handling of a crafted HTTP request...
EyesOfNetwork Remote Code Execution (CVE-2020-8655)
A remote code execution vulnerability exists in EyesOfNetwork. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Artica Proxy Command Injection (CVE-2020-17505)
A command injection vulnerability exists in Artica Proxy. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
ClonOs WEB UI Authentication Bypass (CVE-2019-18418)
An authentication bypass vulnerability exists in ClonOs WEB UI. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...
WordPress Social Photo Gallery Plugin Remote Code Execution (CVE-2019-14467)
A remote code execution vulnerability exists in WordPress Social Photo Gallery Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
FusionAuth Command Injection (CVE-2020-7799)
A command injection vulnerability exists in FusionAuth. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Furukawa Electric ConsciusMAP Insecure Deserialization (CVE-2020-12133)
An insecure deserialization vulnerability exists in Furukawa Electric ConsciusMAP. A successful attack could result in the execution of arbitrary code on the affected system...
SQL Injection Over HTTP Traffic (CVE-2020-11530; CVE-2020-17463; CVE-2020-17506; CVE-2020-25990; CVE-2020-27481; CVE-2020-5766; CVE-2020-8655; CVE-2020-8656; CVE-2020-9465)
SQL Injection Over HTTP Traffic...
Arbitrary Code Execution Over HTTP Traffic (CVE-2011-2523; CVE-2019-18345; CVE-2019-19143; CVE-2020-15492; CVE-2020-16210; CVE-2020-21526; CVE-2020-24379; CVE-2020-6142; CVE-2020-8010; CVE-2020-9380)
Arbitrary Code Execution Over HTTP Traffic...
Cisco Security Manager Remote Code Execution (CVE-2020-27131)
A remote code execution vulnerability exists in Cisco Security Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Citrix SD-WAN Center Remote Code Execution (CVE-2020-8271)
A remote code execution vulnerability exists in Citrix SD-WAN. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
TOTOLINK Realtek SDK Routers Command Injection (CVE-2019-19824)
A command injection vulnerability exists in TOTOLINK Realtek SDK Routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...