Search

Search Results (363281 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-35604 1 Kronos 1 Web Time And Attendance 2024-11-21 9.8 Critical
An XXE attack can occur in Kronos WebTA 5.0.4 when SAML is used.
CVE-2020-35598 1 Advanced Comment System Project 1 Advanced Comment System 2024-11-21 7.5 High
ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advanced_component_system/index.php?ACS_path=..%2f URI. NOTE: this might be the same as CVE-2009-4623
CVE-2020-35597 1 Victor Cms Project 1 Victor Cms 2024-11-21 8.8 High
Victor CMS 1.0 is vulnerable to SQL injection via c_id parameter of admin_edit_comment.php, p_id parameter of admin_edit_post.php, u_id parameter of admin_edit_user.php, and edit parameter of admin_update_categories.php.
CVE-2020-35594 1 Zohocorp 1 Manageengine Admanager Plus 2024-11-21 6.1 Medium
Zoho ManageEngine ADManager Plus before 7066 allows XSS.
CVE-2020-35593 1 Bmc 1 Patrol Agent 2024-11-21 7.8 High
BMC PATROL Agent through 20.08.00 allows local privilege escalation via vectors involving pconfig +RESTART -host.
CVE-2020-35592 1 Pi-hole 1 Pi-hole 2024-11-21 5.4 Medium
Pi-hole 5.0, 5.1, and 5.1.1 allows XSS via the Options header to the admin/ URI. A remote user is able to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and achieve a Reflected Cross-Site Scripting attack against other users and steal the session cookie.
CVE-2020-35591 1 Pi-hole 1 Pi-hole 2024-11-21 5.4 Medium
Pi-hole 5.0, 5.1, and 5.1.1 allows Session Fixation. The application does not generate a new session cookie after the user is logged in. A malicious user is able to create a new session cookie value and inject it to a victim. After the victim logs in, the injected cookie becomes valid, giving the attacker access to the user's account through the active session.
CVE-2020-35590 1 Limitloginattempts 1 Limit Login Attempts Reloaded 2024-11-21 9.8 Critical
LimitLoginAttempts.php in the limit-login-attempts-reloaded plugin before 2.17.4 for WordPress allows a bypass of (per IP address) rate limits because the X-Forwarded-For header can be forged. When the plugin is configured to accept an arbitrary header for the client source IP address, a malicious user is not limited to perform a brute force attack, because the client IP header accepts any arbitrary string. When randomizing the header input, the login count does not ever reach the maximum allowed retries.
CVE-2020-35589 1 Limitloginattempts 1 Limit Login Attempts Reloaded 2024-11-21 5.4 Medium
The limit-login-attempts-reloaded plugin before 2.17.4 for WordPress allows wp-admin/options-general.php?page=limit-login-attempts&tab= XSS. A malicious user can cause an administrator user to supply dangerous content to the vulnerable page, which is then reflected back to the user and executed by the web browser. The most common mechanism for delivering malicious content is to include it as a parameter in a URL that is posted publicly or e-mailed directly to victims.
CVE-2020-35587 1 Mersive 3 Solstice, Solstice Firmware, Solstice Pod Firmware 2024-11-21 7.5 High
In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled. The decompiled/disassembled files contain non-obfuscated code. NOTE: it is unclear whether lack of obfuscation is directly associated with a negative impact, or instead only facilitates an attack technique
CVE-2020-35586 1 Mersive 2 Solstice Pod, Solstice Pod Firmware 2024-11-21 7.5 High
In Solstice Pod before 3.3.0 (or Open4.3), the Administrator password can be enumerated using brute-force attacks via the /Config/service/initModel?password= Solstice Open Control API because there is no complexity requirement (e.g., it might be all digits or all lowercase letters).
CVE-2020-35585 1 Mersive 2 Solstice Pod, Solstice Pod Firmware 2024-11-21 7.5 High
In Solstice Pod before 3.3.0 (or Open4.3), the screen key can be enumerated using brute-force attacks via the /lookin/info Solstice Open Control API because there are only 1.7 million possibilities.
CVE-2020-35584 1 Mersive 2 Solstice Pod, Solstice Pod Firmware 2024-11-21 5.9 Medium
In Solstice Pod before 3.0.3, the web services allow users to connect to them over unencrypted channels via the Browser Look-in feature. An attacker suitably positioned to view a legitimate user's network traffic could record and monitor their interactions with the web services and obtain any information the user supplies, including Administrator passwords and screen keys.
CVE-2020-35582 1 Enviragallery 1 Envira Gallery 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code via a POST /wp-admin/post.php request with the post_title parameter.
CVE-2020-35581 1 Enviragallery 1 Envira Gallery 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code via a POST /wp-admin/admin-ajax.php request with the meta[title] parameter.
CVE-2020-35580 1 Searchblox 1 Searchblox 2024-11-21 7.5 High
A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. Additionally, this may be used to read the contents of the SearchBlox configuration file (e.g., searchblox/WEB-INF/config.xml), which contains both the Super Admin's API key and the base64 encoded SHA1 password hashes of other SearchBlox users.
CVE-2020-35579 1 Subconverter Project 1 Subconverter 2024-11-21 7.5 High
tindy2013 subconverter 0.6.4 has a /sub?target=%TARGET%&url=%URL%&config=%CONFIG% API endpoint that accepts an arbitrary %URL% value and launches a GET request for it, but does not consider that the external request target may indirectly redirect back to this original /sub endpoint. Thus, a request loop and a denial of service may occur.
CVE-2020-35578 1 Nagios 1 Nagios Xi 2024-11-21 7.2 High
An issue was discovered in the Manage Plugins page in Nagios XI before 5.8.0. Because the line-ending conversion feature is mishandled during a plugin upload, a remote, authenticated admin user can execute operating-system commands.
CVE-2020-35577 1 Endalia 1 Selection Portal 2024-11-21 6.5 Medium
In Endalia Selection Portal before 4.205.0, an Insecure Direct Object Reference (IDOR) allows any authenticated user to download every file uploaded to the platform by changing the value of the file identifier (aka CommonDownload identification number).
CVE-2020-35576 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2024-11-21 8.8 High
A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577.