Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-36491 | 1 Dedecms | 1 Dedecms | 2021-10-28 | 3.5 LOW | 5.4 MEDIUM |
| DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component tags_main.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters. | |||||
| CVE-2020-23061 | 1 Dropouts | 1 Super Backup | 2021-10-28 | 5.0 MEDIUM | 7.5 HIGH |
| Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contain an issue in the path parameter of the `list` and `download` module which allows attackers to perform a directory traversal via a change to the path variable to request the local list command. | |||||
| CVE-2020-23054 | 1 User-agent Switcher And Manager Project | 1 User-agent Switcher And Manager | 2021-10-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in NSK User Agent String Switcher Service v0.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the user agent input field. | |||||
| CVE-2020-23049 | 1 Fork-cms | 1 Fork Cms | 2021-10-28 | 3.5 LOW | 5.4 MEDIUM |
| Fork CMS Content Management System v5.8.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the `Displayname` field when using the `Add`, `Edit` or `Register' functions. This vulnerability allows attackers to execute arbitrary web scripts or HTML. | |||||
| CVE-2020-23046 | 1 Dedecms | 1 Dedecms | 2021-10-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component tpl.php via the `filename`, `mid`, `userid`, and `templet' parameters. | |||||
| CVE-2020-23044 | 1 Dedecms | 1 Dedecms | 2021-10-28 | 3.5 LOW | 5.4 MEDIUM |
| DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_pic_view.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters. | |||||
| CVE-2020-23052 | 1 Catalyst | 1 Mahara | 2021-10-28 | 3.5 LOW | 5.4 MEDIUM |
| Catalyst IT Ltd Mahara CMS v19.10.2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component groupfiles.php via the Number (Nombre) and Description (Descripción) parameters. | |||||
| CVE-2021-26609 | 1 Mangboard | 1 Mang Board | 2021-10-28 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability was found in Mangboard(WordPress plugin). A SQL-Injection vulnerability was found in order_type parameter. The order_type parameter makes a SQL query using unfiltered data. This vulnerability allows a remote attacker to steal user information. | |||||
| CVE-2021-41146 | 1 Qutebrowser | 1 Qutebrowser | 2021-10-28 | 6.8 MEDIUM | 8.8 HIGH |
| qutebrowser is an open source keyboard-focused browser with a minimal GUI. Starting with qutebrowser v1.7.0, the Windows installer for qutebrowser registers a `qutebrowserurl:` URL handler. With certain applications, opening a specially crafted `qutebrowserurl:...` URL can lead to execution of qutebrowser commands, which in turn allows arbitrary code execution via commands such as `:spawn` or `:debug-pyeval`. Only Windows installs where qutebrowser is registered as URL handler are affected. The issue has been fixed in qutebrowser v2.4.0. The fix also adds additional hardening for potential similar issues on Linux (by adding the new --untrusted-args flag to the .desktop file), though no such vulnerabilities are known. | |||||
| CVE-2021-39328 | 1 Presstigers | 1 Simple Job Board | 2021-10-27 | 3.5 LOW | 4.8 MEDIUM |
| The Simple Job Board WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping on the $job_board_privacy_policy_label variable echo'd out via the ~/admin/settings/class-simple-job-board-settings-privacy.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 2.9.4. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | |||||
| CVE-2021-39348 | 1 Thimpress | 1 Learnpress | 2021-10-27 | 3.5 LOW | 4.8 MEDIUM |
| The LearnPress WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping on the $custom_profile parameter found in the ~/inc/admin/views/backend-user-profile.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 4.1.3.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. Please note that this is seperate from CVE-2021-24702. | |||||
| CVE-2021-39354 | 1 Sandhillsdev | 1 Easy Digital Downloads | 2021-10-27 | 3.5 LOW | 4.8 MEDIUM |
| The Easy Digital Downloads WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the $start_date and $end_date parameters found in the ~/includes/admin/payments/class-payments-table.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.11.2. | |||||
| CVE-2021-39356 | 1 Content Staging Project | 1 Content Staging | 2021-10-27 | 3.5 LOW | 4.8 MEDIUM |
| The Content Staging WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and escaping via several parameters that are echo'd out via the ~/templates/settings.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 2.0.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | |||||
| CVE-2021-34855 | 1 Parallels | 1 Parallels Desktop | 2021-10-27 | 2.1 LOW | 6.5 MEDIUM |
| This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13592. | |||||
| CVE-2021-38449 | 1 Auvesy | 1 Versiondog | 2021-10-27 | 7.5 HIGH | 9.8 CRITICAL |
| Some API functions permit by-design writing or copying data into a given buffer. Since the client controls these parameters, an attacker could rewrite the memory in any location of the affected product. | |||||
| CVE-2021-41307 | 1 Atlassian | 2 Jira, Jira Software Data Center | 2021-10-27 | 5.0 MEDIUM | 7.5 HIGH |
| Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view the names of private projects and private filters via an Insecure Direct Object References (IDOR) vulnerability in the Workload Pie Chart Gadget. The affected versions are before version 8.13.12, and from version 8.14.0 before 8.20.0. | |||||
| CVE-2021-41308 | 1 Atlassian | 2 Jira, Jira Software Data Center | 2021-10-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the `ReplicationSettings!default.jspa` endpoint. The affected versions are before version 8.6.0, from version 8.7.0 before 8.13.12, and from version 8.14.0 before 8.20.1. | |||||
| CVE-2021-41172 | 1 Antsword Redis Project | 1 Antsword Redis | 2021-10-27 | 3.5 LOW | 5.4 MEDIUM |
| AS_Redis is an AntSword plugin for Redis. The Redis Manage plugin for AntSword prior to version 0.5 is vulnerable to Self-XSS due to due to insufficient input validation and sanitization via redis server configuration. Self-XSS in the plugin configuration leads to code execution. This issue is patched in version 0.5. | |||||
| CVE-2021-41792 | 1 Alfresco | 2 Alfresco Content Services, Alfresco Transform Services | 2021-10-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Hyland org.alfresco:alfresco-content-services through 6.2.2.18 and org.alfresco:alfresco-transform-services through 1.3. A crafted HTML file, once uploaded, could trigger an unexpected request by the transformation engine. The response to the request is not available to the attacker, i.e., this is blind SSRF. | |||||
| CVE-2020-23042 | 1 Dropouts | 1 Super Backup | 2021-10-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability in the path parameter of the `list` and `download` module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted GET request. | |||||
| CVE-2021-41791 | 1 Alfresco | 2 Community Share, Share | 2021-10-27 | 3.5 LOW | 5.4 MEDIUM |
| An issue was discovered in Hyland org.alfresco:share through 7.0.0.2 and org.alfresco:community-share through 7.0. An evasion of the XSS filter for HTML input validation in the Alfresco Share User Interface leads to stored XSS that could be exploited by an attacker (given that he has privileges on the content collaboration features). | |||||
| CVE-2020-23051 | 1 User Registration \& Login And User Management System With Admin Panel Project | 1 User Registration \& Login And User Management System With Admin Panel | 2021-10-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| Phpgurukul User Registration & User Management System v2.0 was discovered to contain multiple stored cross-site scripting (XSS) vulnerabilities via the firstname and lastname parameters of the registration form & loginsystem input fields. | |||||
| CVE-2021-24769 | 1 Permalink Manager Lite Project | 1 Permalink Manager Lite | 2021-10-27 | 6.5 MEDIUM | 7.2 HIGH |
| The Permalink Manager Lite WordPress plugin before 2.2.13.1 does not validate and escape the orderby parameter before using it in a SQL statement in the Permalink Manager page, leading to a SQL Injection | |||||
| CVE-2021-24744 | 1 Cimatti | 1 Contact Forms | 2021-10-27 | 3.5 LOW | 4.8 MEDIUM |
| The WordPress Contact Forms by Cimatti WordPress plugin before 1.4.12 does not sanitise and escape the Form Title before outputting it in some admin pages. which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed. | |||||
| CVE-2021-24662 | 1 Game-server-status Project | 1 Game-server-status | 2021-10-27 | 6.5 MEDIUM | 7.2 HIGH |
| The Game Server Status WordPress plugin through 1.0 does not validate or escape the server_id parameter before using it in SQL statement, leading to an Authenticated SQL Injection in an admin page | |||||
| CVE-2021-41185 | 1 Mycodo Project | 1 Mycodo | 2021-10-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mycodo is an environmental monitoring and regulation system. An exploit in versions prior to 8.12.7 allows anyone with access to endpoints to download files outside the intended directory. A patch has been applied and a release made. Users should upgrade to version 8.12.7. As a workaround, users may manually apply the changes from the fix commit. | |||||
| CVE-2020-23041 | 1 Dropouts | 1 Air Share | 2021-10-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| Dropouts Technologies LLP Air Share v1.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the path parameter of the `list` and `download` exception-handling. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted GET request. | |||||
| CVE-2020-23048 | 1 Seeddms | 1 Seeddms | 2021-10-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| SeedDMS Content Management System v6.0.7 contains a persistent cross-site scripting (XSS) vulnerability in the component AddEvent.php via the name and comment parameters. | |||||
| CVE-2020-23047 | 1 Macs Cms Project | 1 Macs Cms | 2021-10-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| Macrob7 Macs Framework Content Management System - 1.14f was discovered to contain a cross-site scripting (XSS) vulnerability in the search input field of the search module. | |||||
| CVE-2020-23040 | 1 Sky File Project | 1 Sky File | 2021-10-27 | 5.0 MEDIUM | 7.5 HIGH |
| Sky File v2.1.0 contains a directory traversal vulnerability in the FTP server which allows attackers to access sensitive data and files via 'null' path commands. | |||||
| CVE-2020-23037 | 1 Portable | 1 Playable | 2021-10-27 | 7.5 HIGH | 9.8 CRITICAL |
| Portable Ltd Playable v9.18 contains a code injection vulnerability in the filename parameter, which allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. | |||||
| CVE-2020-23039 | 1 Newsoftwares | 1 Folder Lock | 2021-10-27 | 3.5 LOW | 5.4 MEDIUM |
| Folder Lock v3.4.5 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Create Folder function under the 'create' module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload as a path or folder name. | |||||
| CVE-2020-23038 | 1 Kumilabs | 1 Swift File Transfer | 2021-10-27 | 5.0 MEDIUM | 7.5 HIGH |
| Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vulnerability in the path parameter. This vulnerability is exploited via an error caused by including non-existent path environment variables. | |||||
| CVE-2021-24653 | 1 Cookie-bar Project | 1 Cookie-bar | 2021-10-27 | 3.5 LOW | 4.8 MEDIUM |
| The Cookie Bar WordPress plugin through 1.8.8 doesn't properly sanitise the Cookie Bar Message setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | |||||
| CVE-2021-24608 | 1 Strategy11 | 1 Formidable Form Builder | 2021-10-27 | 3.5 LOW | 4.8 MEDIUM |
| The Formidable Form Builder – Contact Form, Survey & Quiz Forms Plugin for WordPress plugin before 5.0.07 does not sanitise and escape its Form's Labels, allowing high privileged users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | |||||
| CVE-2021-24699 | 1 Easy Media Download Project | 1 Easy Media Download | 2021-10-27 | 3.5 LOW | 5.4 MEDIUM |
| The Easy Media Download WordPress plugin before 1.1.7 does not escape the text argument of its shortcode, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks. | |||||
| CVE-2021-24785 | 1 Great-quotes Project | 1 Great-quotes | 2021-10-27 | 3.5 LOW | 4.8 MEDIUM |
| The Great Quotes WordPress plugin through 1.0.0 does not sanitise and escape the Quote and Author fields of its Quotes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed. | |||||
| CVE-2021-24774 | 1 Wpchill | 1 Check \& Log Email | 2021-10-27 | 6.5 MEDIUM | 7.2 HIGH |
| The Check & Log Email WordPress plugin before 1.0.3 does not validate and escape the "order" and "orderby" GET parameters before using them in a SQL statement when viewing logs, leading to SQL injections issues | |||||
| CVE-2021-34859 | 1 Teamviewer | 1 Teamviewer | 2021-10-27 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer 15.16.8.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TVS files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13697. | |||||
| CVE-2021-34857 | 1 Parallels | 1 Parallels Desktop | 2021-10-27 | 4.6 MEDIUM | 8.8 HIGH |
| This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13601. | |||||
| CVE-2021-34856 | 1 Parallels | 1 Parallels Desktop | 2021-10-27 | 4.6 MEDIUM | 8.8 HIGH |
| This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the virtio-gpu virtual device. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13581. | |||||
| CVE-2021-34864 | 1 Parallels | 1 Parallels Desktop | 2021-10-27 | 4.6 MEDIUM | 8.8 HIGH |
| This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the WinAppHelper component. The issue results from the lack of proper access control. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13543. | |||||
| CVE-2021-42539 | 1 Emerson | 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more | 2021-10-27 | 6.5 MEDIUM | 8.8 HIGH |
| The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change. | |||||
| CVE-2021-34860 | 1 D-link | 2 Dap-2020, Dap-2020 Firmware | 2021-10-27 | 3.3 LOW | 6.5 MEDIUM |
| This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the getpage parameter provided to the webproc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-12103. | |||||
| CVE-2021-38467 | 1 Auvesy | 1 Versiondog | 2021-10-27 | 5.5 MEDIUM | 8.1 HIGH |
| A specific function code receives a raw pointer supplied by the user and deallocates this pointer. The user can then control what memory regions will be freed and cause use-after-free condition. | |||||
| CVE-2021-38463 | 1 Auvesy | 1 Versiondog | 2021-10-27 | 5.5 MEDIUM | 8.1 HIGH |
| The affected product does not properly control the allocation of resources. A user may be able to allocate unlimited memory buffers using API functions. | |||||
| CVE-2021-38455 | 1 Auvesy | 1 Versiondog | 2021-10-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| The affected product’s OS Service does not verify any given parameter. A user can supply any type of parameter that will be passed to inner calls without checking the type of the parameter or the value. | |||||
| CVE-2020-23043 | 1 Air Sender Project | 1 Air Sender | 2021-10-27 | 6.5 MEDIUM | 8.8 HIGH |
| Tran Tu Air Sender v1.0.2 was discovered to contain an arbitrary file upload vulnerability in the upload module. This vulnerability allows attackers to execute arbitrary code via a crafted file. | |||||
| CVE-2021-34863 | 1 D-link | 2 Dap-2020, Dap-2020 Firmware | 2021-10-27 | 5.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the var:page parameter provided to the webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13271. | |||||
| CVE-2021-38459 | 1 Auvesy | 1 Versiondog | 2021-10-27 | 7.5 HIGH | 9.8 CRITICAL |
| The data of a network capture of the initial handshake phase can be used to authenticate at a SYSDBA level. If a specific .exe is not restarted often, it is possible to access the needed handshake packets between admin/client connections. Using the SYSDBA permission, an attacker can change user passwords or delete the database. | |||||