CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1651 CVE-2020-21667 89 Sql 2020-11-13 2020-12-01
6.5
None Remote Low ??? Partial Partial Partial
In fastadmin-tp6 v1.0, in the file app/admin/controller/Ajax.php the 'table' parameter passed is not filtered so a malicious parameter can be passed for SQL injection.
1652 CVE-2020-21665 89 Sql 2020-11-17 2020-11-30
6.5
None Remote Low ??? Partial Partial Partial
In fastadmin V1.0.0.20191212_beta, when a user with administrator rights has logged in, a malicious parameter can be passed for SQL injection in URL /admin/ajax/weigh.
1653 CVE-2020-21564 434 Exec Code 2020-09-30 2020-10-07
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in Pluck CMS v4.7.11. There is a file upload vulnerability that can cause a remote command execution via admin.php?action=files.
1654 CVE-2020-21524 611 2020-09-30 2020-10-08
6.4
None Remote Low Not required Partial None Partial
There is a XML external entity (XXE) vulnerability in halo v1.1.3, The function of importing other blogs in the background(/api/admin/migrations/wordpress) needs to parse the xml file, but it is not used for security defense, This vulnerability can detect the intranet, read files, enable ddos attacks, etc. exp:https://github.com/halo-dev/halo/issues/423
1655 CVE-2020-20907 20 2021-05-24 2021-05-28
6.4
None Remote Low Not required None Partial Partial
MetInfo 7.0 beta is affected by a file modification vulnerability. Attackers can delete and modify ini files in app/system/language/admin/language_general.class.php and app/system/include/function/file.func.php.
1656 CVE-2020-20740 787 Overflow 2020-11-20 2020-12-04
6.8
None Remote Medium Not required Partial Partial Partial
PDFResurrect before 0.20 lack of header validation checks causes heap-buffer-overflow in pdf_get_version().
1657 CVE-2020-20290 22 Dir. Trav. 2021-02-01 2021-02-04
6.4
None Remote Low Not required None Partial Partial
Directory traversal vulnerability in the yccms 3.3 project. The delete, deletesite, and deleteAll functions' improper judgment of the request parameters, triggers a directory traversal vulnerability.
1658 CVE-2020-19891 787 2020-08-24 2020-08-25
6.5
None Remote Low ??? Partial Partial Partial
DBHcms v1.2.0 has an Arbitrary file write vulnerability in dbhcms\mod\mod.editor.php $_POST['updatefile'] is filename and $_POST['tinymce_content'] is file content, there is no filter function for security. A remote authenticated admin user can exploit this vulnerability to get a webshell.
1659 CVE-2020-19889 352 CSRF 2020-08-24 2020-08-26
6.8
None Remote Medium Not required Partial Partial Partial
DBHcms v1.2.0 has no CSRF protection mechanism,as demonstrated by CSRF for index.php?dbhcms_pid=-70 can add a user.
1660 CVE-2020-19667 787 Overflow 2020-11-20 2021-02-24
6.8
None Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7.
1661 CVE-2020-19664 88 Exec Code 2020-12-31 2021-02-24
6.5
None Remote Low ??? Partial Partial Partial
DrayTek Vigor2960 1.5.1 allows remote command execution via shell metacharacters in a toLogin2FA action to mainfunction.cgi.
1662 CVE-2020-19641 269 +Priv 2021-03-30 2021-04-01
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. Authenticated attackers with the "Operator" Privilege can gain admin privileges via a crafted request to '/goform/formUserMng'.
1663 CVE-2020-19639 352 CSRF 2021-03-30 2021-04-01
6.8
None Remote Medium Not required Partial Partial Partial
Cross Site Request Forgery (CSRF) vulnerability in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B, via all fields to WebUI.
1664 CVE-2020-19364 434 2021-01-20 2021-01-22
6.5
None Remote Low ??? Partial Partial Partial
OpenEMR 5.0.1 allows an authenticated attacker to upload and execute malicious PHP scripts through /controller.php.
1665 CVE-2020-19199 352 Exec Code CSRF 2021-05-10 2021-05-18
6.8
None Remote Medium Not required Partial Partial Partial
A Cross Site Request Forgery (CSRF) vulnerability exists in PHPOK 5.2.060 via admin.php?c=admin&f=save, which could let a remote malicious user execute arbitrary code.
1666 CVE-2020-18964 352 +Priv CSRF 2021-05-11 2021-05-19
6.8
None Remote Medium Not required Partial Partial Partial
Cross Site Request Forgery (CSRF) Vulnerability in ForestBlog latest version via the website Management background, which could let a remote malicious gain privileges.
1667 CVE-2020-18766 79 Exec Code XSS 2020-10-26 2020-10-27
6.8
None Remote Medium Not required Partial Partial Partial
A cross-site scripting (XSS) vulnerability AntSword v2.0.7 can remotely execute system commands.
1668 CVE-2020-18265 352 Exec Code +Priv CSRF 2021-06-07 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Cross Site Request Forgery (CSRF) in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=act_add_member".
1669 CVE-2020-18264 352 Exec Code +Priv CSRF 2021-06-07 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Cross Site Request Forgery (CSRF) in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=act_edit_member".
1670 CVE-2020-18215 89 Exec Code Sql 2021-02-09 2021-02-12
6.5
None Remote Low ??? Partial Partial Partial
Multiple SQL Injection vulnerabilities in PHPSHE 1.7 in phpshe/admin.php via the (1) ad_id, (2) menu_id, and (3) cashout_id parameters, which could let a remote malicious user execute arbitrary code.
1671 CVE-2020-18198 352 Exec Code CSRF 2021-05-17 2021-05-24
6.8
None Remote Medium Not required Partial Partial Partial
Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote attackers to execute arbitrary code and delete specific images via the component " /admin.php?action=images."
1672 CVE-2020-18195 352 Exec Code CSRF 2021-05-17 2021-05-24
6.8
None Remote Medium Not required Partial Partial Partial
Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote attackers to execute arbitrary code and delete a specific article via the component " /admin.php?action=page."
1673 CVE-2020-18191 22 Dir. Trav. 2020-10-02 2020-10-13
6.4
None Remote Low Not required None Partial Partial
GetSimpleCMS-3.3.15 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /GetSimpleCMS-3.3.15/admin/log.php
1674 CVE-2020-18190 22 Dir. Trav. 2020-10-02 2020-10-09
6.4
None Remote Low Not required None Partial Partial
Bludit v3.8.1 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /admin/ajax/upload-profile-picture.
1675 CVE-2020-18184 Exec Code 2020-10-02 2020-10-14
6.5
None Remote Low ??? Partial Partial Partial
In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_edittpl.php allows remote attackers to execute arbitrary PHP code by placing this code into a template.
1676 CVE-2020-18129 352 CSRF 2020-10-22 2020-10-27
6.8
None Remote Medium Not required Partial Partial Partial
A CSRF vulnerability in Eyoucms v1.2.7 allows an attacker to add an admin account via login.php.
1677 CVE-2020-18070 22 Dir. Trav. 2021-04-30 2021-05-03
6.4
None Remote Low Not required None Partial Partial
Path Traversal in iCMS v7.0.13 allows remote attackers to delete folders by injecting commands into a crafted HTTP request to the "do_del()" method of the component "database.admincp.php".
1678 CVE-2020-18032 120 DoS Exec Code Overflow 2021-04-29 2021-05-28
6.8
None Remote Medium Not required Partial Partial Partial
Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component.
1679 CVE-2020-17564 22 Dir. Trav. 2021-04-22 2021-04-28
6.4
None Remote Low Not required None Partial Partial
Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a crafted HTTP request to the " Admin/DataAction.class.php" component.
1680 CVE-2020-17563 22 Dir. Trav. 2021-04-22 2021-04-28
6.4
None Remote Low Not required None Partial Partial
Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a crafted HTTP request to " /index.php?s=/admin-tpl-del&id=".
1681 CVE-2020-17541 787 DoS Exec Code Overflow 2021-06-01 2021-06-14
6.8
None Remote Medium Not required Partial Partial Partial
Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service.
1682 CVE-2020-17532 502 Exec Code 2021-01-25 2021-01-29
6.0
None Remote Medium ??? Partial Partial Partial
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5
1683 CVE-2020-17529 787 2020-12-09 2020-12-16
6.8
None Remote Medium Not required Partial Partial Partial
Out-of-bounds Write vulnerability in TCP Stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying and invalid fragmentation offset value specified in the IP header. This is only impacts builds with both CONFIG_EXPERIMENTAL and CONFIG_NET_TCP_REASSEMBLY build flags enabled.
1684 CVE-2020-17528 787 2020-12-09 2020-12-16
6.4
None Remote Low Not required Partial None Partial
Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying arbitrary urgent data pointer offsets within TCP packets including beyond the length of the packet.
1685 CVE-2020-17504 77 Exec Code 2021-01-08 2021-01-14
6.5
None Remote Low ??? Partial Partial Partial
The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in ngpsystemcmd.php in which the http parameters "x_modules" and "y_modules" are not properly handled. The NDN-210 is part of Barco TransForm N solution and this vulnerability is patched from TransForm N version 3.8 onwards.
1686 CVE-2020-17503 77 Exec Code 2021-01-08 2021-01-14
6.5
None Remote Low ??? Partial Partial Partial
The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in split_card_cmd.php in which the http parameter "locking" is not properly handled. The NDN-210 is part of Barco TransForm N solution and this vulnerability is patched from TransForm N version 3.8 onwards.
1687 CVE-2020-17502 77 Exec Code 2021-01-08 2021-01-13
6.5
None Remote Low ??? Partial Partial Partial
Barco TransForm N before 3.8 allows Command Injection (issue 2 of 4). The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users of the administration panel to perform authenticated remote code execution. An issue exists in split_card_cmd.php in which the http parameters xmodules, ymodules and savelocking are not properly handled. The NDN-210 is part of Barco TransForm N solution and includes the patch from TransForm N version 3.8 onwards.
1688 CVE-2020-17467 125 2020-12-11 2020-12-18
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in FNET through 4.6.4. The code for processing the hostname from an LLMNR request doesn't check for '\0' termination. Therefore, the deduced length of the hostname doesn't reflect the correct length of the actual data. This may lead to Information Disclosure in _fnet_llmnr_poll in fnet_llmnr.c during a response to a malicious request of the DNS class IN.
1689 CVE-2020-17462 434 2020-08-14 2020-08-19
6.5
None Remote Low ??? Partial Partial Partial
CMS Made Simple 2.2.14 allows Authenticated Arbitrary File Upload because the File Manager does not block .ptar files, a related issue to CVE-2017-16798.
1690 CVE-2020-17448 863 Bypass 2020-08-11 2021-01-28
6.8
None Remote Medium Not required Partial Partial Partial
Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat window with a filename that lacks an extension.
1691 CVE-2020-17441 125 2020-12-11 2020-12-14
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 headers does not validate whether the IPv6 payload length field is equal to the actual size of the payload, which leads to an Out-of-Bounds read during the ICMPv6 checksum calculation, resulting in either Denial-of-Service or Information Disclosure. This affects pico_ipv6_extension_headers and pico_checksum_adder (in pico_ipv6.c and pico_frame.c).
1692 CVE-2020-17437 787 2020-12-11 2021-03-09
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c.
1693 CVE-2020-17436 125 Exec Code 2021-02-09 2021-02-11
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CMP files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11432.
1694 CVE-2020-17435 125 Exec Code 2021-02-09 2021-02-11
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11358.
1695 CVE-2020-17434 125 Exec Code 2021-02-09 2021-02-11
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ARW files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11357.
1696 CVE-2020-17433 125 Exec Code 2021-02-09 2021-02-11
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CMP files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11356.
1697 CVE-2020-17432 125 Exec Code 2021-02-09 2021-02-11
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11335.
1698 CVE-2020-17431 787 Exec Code 2021-02-09 2021-02-11
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11333.
1699 CVE-2020-17430 787 Exec Code 2021-02-09 2021-02-11
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11332.
1700 CVE-2020-17427 125 Exec Code 2021-02-09 2021-02-10
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of NEF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11334.
Total number of vulnerabilities : 22306   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 (This Page)35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.