Search Results (362865 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-35622 1 Mediawiki 1 Mediawiki 2024-11-21 6.1 Medium
An issue was discovered in the GlobalUsage extension for MediaWiki through 1.35.1. SpecialGlobalUsage.php calls WikiMap::makeForeignLink unsafely. The $page variable within the formatItem function was not being properly escaped, allowing for XSS under certain conditions.
CVE-2020-35609 1 Microsoft 1 Azure Sphere 2024-11-21 5.5 Medium
A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write shellcode to trigger this vulnerability.
CVE-2020-35608 1 Microsoft 1 Azure Sphere 2024-11-21 7.8 High
A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.07. A specially crafted AF_PACKET socket can cause a process to create an executable memory mapping with controllable content. An attacker can execute a shellcode that uses the PACKET_MMAP functionality to trigger this vulnerability.
CVE-2020-35606 1 Webmin 1 Webmin 2024-11-21 8.8 High
Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the Package Updates module can execute arbitrary commands with root privileges via vectors involving %0A and %0C. NOTE: this issue exists because of an incomplete fix for CVE-2019-12840.
CVE-2020-35604 1 Kronos 1 Web Time And Attendance 2024-11-21 9.8 Critical
An XXE attack can occur in Kronos WebTA 5.0.4 when SAML is used.
CVE-2020-35598 1 Advanced Comment System Project 1 Advanced Comment System 2024-11-21 7.5 High
ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advanced_component_system/index.php?ACS_path=..%2f URI. NOTE: this might be the same as CVE-2009-4623
CVE-2020-35597 1 Victor Cms Project 1 Victor Cms 2024-11-21 8.8 High
Victor CMS 1.0 is vulnerable to SQL injection via c_id parameter of admin_edit_comment.php, p_id parameter of admin_edit_post.php, u_id parameter of admin_edit_user.php, and edit parameter of admin_update_categories.php.
CVE-2020-35594 1 Zohocorp 1 Manageengine Admanager Plus 2024-11-21 6.1 Medium
Zoho ManageEngine ADManager Plus before 7066 allows XSS.
CVE-2020-35593 1 Bmc 1 Patrol Agent 2024-11-21 7.8 High
BMC PATROL Agent through 20.08.00 allows local privilege escalation via vectors involving pconfig +RESTART -host.
CVE-2020-35592 1 Pi-hole 1 Pi-hole 2024-11-21 5.4 Medium
Pi-hole 5.0, 5.1, and 5.1.1 allows XSS via the Options header to the admin/ URI. A remote user is able to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and achieve a Reflected Cross-Site Scripting attack against other users and steal the session cookie.
CVE-2020-35591 1 Pi-hole 1 Pi-hole 2024-11-21 5.4 Medium
Pi-hole 5.0, 5.1, and 5.1.1 allows Session Fixation. The application does not generate a new session cookie after the user is logged in. A malicious user is able to create a new session cookie value and inject it to a victim. After the victim logs in, the injected cookie becomes valid, giving the attacker access to the user's account through the active session.
CVE-2020-35590 1 Limitloginattempts 1 Limit Login Attempts Reloaded 2024-11-21 9.8 Critical
LimitLoginAttempts.php in the limit-login-attempts-reloaded plugin before 2.17.4 for WordPress allows a bypass of (per IP address) rate limits because the X-Forwarded-For header can be forged. When the plugin is configured to accept an arbitrary header for the client source IP address, a malicious user is not limited to perform a brute force attack, because the client IP header accepts any arbitrary string. When randomizing the header input, the login count does not ever reach the maximum allowed retries.
CVE-2020-35589 1 Limitloginattempts 1 Limit Login Attempts Reloaded 2024-11-21 5.4 Medium
The limit-login-attempts-reloaded plugin before 2.17.4 for WordPress allows wp-admin/options-general.php?page=limit-login-attempts&tab= XSS. A malicious user can cause an administrator user to supply dangerous content to the vulnerable page, which is then reflected back to the user and executed by the web browser. The most common mechanism for delivering malicious content is to include it as a parameter in a URL that is posted publicly or e-mailed directly to victims.
CVE-2020-35587 1 Mersive 3 Solstice, Solstice Firmware, Solstice Pod Firmware 2024-11-21 7.5 High
In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled. The decompiled/disassembled files contain non-obfuscated code. NOTE: it is unclear whether lack of obfuscation is directly associated with a negative impact, or instead only facilitates an attack technique
CVE-2020-35586 1 Mersive 2 Solstice Pod, Solstice Pod Firmware 2024-11-21 7.5 High
In Solstice Pod before 3.3.0 (or Open4.3), the Administrator password can be enumerated using brute-force attacks via the /Config/service/initModel?password= Solstice Open Control API because there is no complexity requirement (e.g., it might be all digits or all lowercase letters).
CVE-2020-35585 1 Mersive 2 Solstice Pod, Solstice Pod Firmware 2024-11-21 7.5 High
In Solstice Pod before 3.3.0 (or Open4.3), the screen key can be enumerated using brute-force attacks via the /lookin/info Solstice Open Control API because there are only 1.7 million possibilities.
CVE-2020-35584 1 Mersive 2 Solstice Pod, Solstice Pod Firmware 2024-11-21 5.9 Medium
In Solstice Pod before 3.0.3, the web services allow users to connect to them over unencrypted channels via the Browser Look-in feature. An attacker suitably positioned to view a legitimate user's network traffic could record and monitor their interactions with the web services and obtain any information the user supplies, including Administrator passwords and screen keys.
CVE-2020-35582 1 Enviragallery 1 Envira Gallery 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code via a POST /wp-admin/post.php request with the post_title parameter.
CVE-2020-35581 1 Enviragallery 1 Envira Gallery 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code via a POST /wp-admin/admin-ajax.php request with the meta[title] parameter.
CVE-2020-35580 1 Searchblox 1 Searchblox 2024-11-21 7.5 High
A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. Additionally, this may be used to read the contents of the SearchBlox configuration file (e.g., searchblox/WEB-INF/config.xml), which contains both the Super Admin's API key and the base64 encoded SHA1 password hashes of other SearchBlox users.