13538 matches found
Geniusocean News SQL Injection (CVE-2017-15981; CVE-2017-15982)
An SQL injection vulnerability exists in Geniusocean News. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Projects World Travel Management System Authentication Bypass (CVE-2020-24203)
An authentication bypass vulnerability exists in Projects World Travel Management System. Successful exploitation of this vulnerability allow a remote attacker to gain unauthorized access to the affected system...
InPage Reader Remote Code Execution (CVE-2017-12824)
A remote code execution vulnerability exists in Inpage inpage . Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Sharpshooter HTML Remote Code Execution
Sharpshooter is a tool to create HTA payloads and inject them to HTML Pages using JS. This tool may be used by attackers to remotely execute arbitrary code on the affected system...
Magneto MAGMI Remote Code Execution (CVE-2020-5776)
A remote code execution vulnerability exists in Magneto MAGMI. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Seowon Intech Remote Code Execution (CVE-2020-17456)
A remote code execution vulnerability exists in Seowon Intech SLC130. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WordPress Newsletter Plugin Reflected Cross Site Scripting
A reflected cross site scripting vulnerability exists in WordPress Newsletter Plugin. Successful exploitation of this vulnerability could allow attackers to execute arbitrary code on the affected system...
Technicolor TD5130v2 Oi_Fw_V20 Command Injection (CVE-2019-18396)
A command injection vulnerability exists in Technicolor TD5130v2 OiFwV20. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Netis WF2419 Remote Code Execution (CVE-2019-19356)
A remote code execution vulnerability exists in Netissystems wf2419 firmware 1.2.31805. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WordPress Colorbox Plugin Persistent Cross-Site Scripting
A cross-site scripting vulnerability exists in WordPress Colorbox Lightbox plugin. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Netsas Enigma Network Management Solution Remote Code Execution (CVE-2019-16072)
A remote code execution vulnerability exists in Netsas enigma network management solution 65.0.0. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Demiguise HTML Remote Code Execution
Demiguise is a tool to inject malicious payload in HTA format to HTML Pages using JS. This tool may be used by attackers to remotely execute arbitrary code on the affected system...
Drupal Core Remote PHP Code Execution (CVE-2019-6340)
A code execution vulnerability exists in Drupal Core. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
QNAP NAS Remote Code Execution
A remote code execution vulnerability exists in QNAP NAS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Internet Explorer Uninitialized Memory Corruption (CVE-2009-0075)
A remote code execution vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has been deleted. Successful exploitation of this vulnerability will crash the browser, allowing execution of arbitrary code on the vulnerable...
Zeroshell Remote Code Execution (CVE-2019-12725)
A remote code execution vulnerability exists in Zeroshell. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Active Directory Information Disclosure (CVE-2020-0856)
An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2020-1115)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Win32k Information Disclosure (CVE-2020-0941)
An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Microsoft DirectX Elevation of Privilege (CVE-2020-1308)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Win32k Elevation of Privilege (CVE-2020-1245)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Win32k Elevation of Privilege (CVE-2020-1152)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Active Directory Information Disclosure (CVE-2020-0664)
An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
OCS Inventory NG CommandLine.php Command Injection (CVE-2020-14947)
A command injection vulnerability exists in OCS Inventory NG. The vulnerability is due to insufficient input validation in the CommandLine.php...
WordPress NextGen Gallery Sell Photo Plugin Cross Site Scripting
A cross-site scripting vulnerability exists in WordPress NextGen Gallery Sell Photo Plugin. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Online Shopping Alphaware Authentication Bypass
An authentication bypass vulnerability exists in Online Shopping Alphaware. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...
Google Chrome V8 Remote Code Execution (CVE-2018-17463)
A remote code execution vulnerability exists in Google Chrome V8. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Advantech WebAccess NMS ConfigRestoreAction Arbitrary File Upload (CVE-2020-10621)
An arbitrary file upload vulnerability exists in Advantech WebAccess NMS. The vulnerability is due to insufficient input validation on file paths in the ConfigRestoreAction servlet...
Systemd journald Privilege Escalation (CVE-2018-16864)
A privilege escalation vulnerability exists in Systemd-journald. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...
ERS Data System Remote Code Execution (CVE-2017-14702)
A remote code execution vulnerability exists in ERS Data System. Successful exploitation of this vulnerability could allow remote attackers to execute arbitrary code on the affected system...
Elaniin CMS Authentication Bypass
An authentication bypass vulnerability exists in Elaniin CMS. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...
Oracle WebLogic Server Insecure Deserialization (CVE-2020-14625)
An insecure deserialization vulnerability exists in Oracle Weblogic. This vulnerability is due to insufficient validation of T3 and IIOP requests...
Easycorp Zentao Pro Command Injection (CVE-2020-7361)
A command injection vulnerability exists in Easycorp Zentao Pro. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
WordPress SeedProd Plugin Persistent Cross-Site Scripting (CVE-2020-15038)
A persistent cross site scripting vulnerability exists in WordPress SeedProd Plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
Atos Magento Command Injection (CVE-2020-13404)
A command injection vulnerability exists in Atos Magento. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Apache Ofbiz Cross Site Scripting (CVE-2020-9496)
A cross-site scripting vulnerability exists in Apache Ofbiz. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
RPCbind XDR Parsing Memory Exhaustion Denial of Service (CVE-2017-8779)
A resource exhaustion vulnerability exists in rpcbind, within its associated library libtirpc. The vulnerability is due to an unbounded memory leak when parsing XDR strings. A remote attacker could exploit this vulnerability by sending specially crafted RPC messages to the vulnerable server...
Cisco UCS Director saveStaticConfig Directory Traversal (CVE-2020-3248)
A directory traversal vulnerability exists in Cisco UCS Directory. The vulnerability is due to insufficient validation of user input in the saveStaticConfig method...
Cisco UCS Director saveWindowsNetworkConfig Directory Traversal (CVE-2020-3249)
A directory traversal vulnerability exists in Cisco UCS Directory. The vulnerability is due to insufficient validation of user input in the saveWindowsNetworkConfig method...
Apache Archiva Command Injection (CVE-2020-9495)
A command injection vulnerability exists in Apache Archiva. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Geutebrueck re_porter 16 DVR Cross-site Scripting (CVE-2018-15533)
A cross-site scripting vulnerability exists in Geutebrueck re porter 16 firmware x under 7.8.974.20. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Microsoft Diagnostic Hub Standard Collector Elevation Of Privilege (CVE-2018-0952)
An elevation of privilege vulnerability exists in Microsoft visual studio 2015 update3. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Win32k Elevation Of Privilege (CVE-2018-8562)
An elevation of privilege vulnerability exists in Microsoft windows 10 . Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
IBM Spectrum Protect Plus hfpackage Command Injection (CVE-2020-4212)
A command injection vulnerability exists in IBM Spectrum Protect Plus. This vulnerability is due to the missing input validation in Administrative Console service while parsing the parameter...
Tenda Command Injection (CVE-2020-15916)
A command injection vulnerability exists in Tenda. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Quest KACE System Management Appliance Unauthorized Access (CVE-2018-11138)
A command execution vulnerability exists in Quest kace system management appliance 8.0.318. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Microsoft Windows Host Compute Service Shim Remote Code Execution (CVE-2018-8115)
A vulnerability exists in Microsoft windows host compute service shim x under 0.6.10. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
VBulletin Persistent Cross Site Scripting
A cross-site scripting vulnerability exists in vBulletin. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Jenkins Jetty Buffer Overflow (CVE-2019-17638)
A buffer overflow vulnerability exists in Jenkins Jetty. Successful exploitation of this vulnerability could allow unauthenticated attackers to obtain HTTP response headers that may include sensitive data intended for another user...
WordPress Real-Time Find and Replace Plugin Cross-Site Scripting (CVE-2020-13641)
A cross-site scripting vulnerability exists in WordPress Real-Time Find and Replace Plugin. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...