| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| elitecms 1.01 is vulnerable to SQL Injection via admin/edit_sidebar.php?page=2&sidebar= |
| elitecms v1.01 is vulnerable to SQL Injection via /admin/add_sidebar.php. |
| elitecms 1.01 is vulnerable to SQL Injection via /admin/add_post.php. |
| elitecms v1.01 is vulnerable to SQL Injection via admin/edit_post.php. |
| elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_page.php?page=. |
| elitecms 1.0.1 is vulnerable to Arbitrary code execution via admin/manage_uploads.php. |
| elitecms v1.01 is vulnerable to Delete any file via /admin/delete_image.php?file=. |
| Online Ordering System v1.0 by oretnom23 has SQL injection via store/orderpage.php. |
| Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/viewreport.php. |
| Online Ordering System 1.0 by oretnom23 is vulnerable to SQL Injection via admin/vieworders.php. |
| Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductimage.php. |
| Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductetails.php. |
| In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected. |
| In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected. |
| An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite. |
| A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite. |
| An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite. |
| Openmoney API through 2020-06-29 uses the JavaScript Math.random function, which does not provide cryptographically secure random numbers. |
| Gitea before 1.16.7 does not escape git fetch remote. |
| Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers. |