🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.
📩 lalilolalo.dev@gmail.com
‼ CVE-2020-29172 ‼

A cross-site scripting (XSS) vulnerability in the LiteSpeed Cache plugin before 3.6.1 for WordPress can be exploited via the Server IP setting.

via "National Vulnerability Database".
‼ CVE-2020-35437 ‼

Subrion CMS 4.2.1 is affected by: Cross Site Scripting (XSS) through the avatar[path] parameter in a POST request to the /_core/profile/ URI.

via "National Vulnerability Database".
‼ CVE-2020-35575 ‼

A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices.

via "National Vulnerability Database".
‼ CVE-2020-29299 ‼

Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. This affects VPN On-premise before ZLD V4.39 week38, VPN Orchestrator before SD-OS V10.03 week32, USG before ZLD V4.39 week38, USG FLEX before ZLD V4.55 week38, ATP before ZLD V4.55 week38, and NSG before 1.33 patch 4.

via "National Vulnerability Database".
‼ CVE-2020-29204 ‼

XXL-JOB 2.2.0 allows Stored XSS (in Add User) to bypass the 20-character limit via xxl-job-admin/src/main/java/com/xxl/job/admin/controller/UserController.java.

via "National Vulnerability Database".
‼ CVE-2020-29249 ‼

CXUUCMS V3 allows class="layui-input" XSS.

via "National Vulnerability Database".
‼ CVE-2020-29250 ‼

CXUUCMS V3 allows XSS via the first and third input fields to /public/admin.php.

via "National Vulnerability Database".
‼ CVE-2020-29156 ‼

The WooCommerce plugin before 4.7.0 for WordPress allows remote attackers to view the status of arbitrary orders via the order_id parameter in a fetch_order_status action.

via "National Vulnerability Database".
‼ CVE-2020-35736 ‼

GateOne 1.1 allows arbitrary file download without authentication via /downloads/.. directory traversal because os.path.join is misused.

via "National Vulnerability Database".
‼ CVE-2020-35738 ‼

WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument.

via "National Vulnerability Database".
‼ CVE-2020-29158 ‼

An issue was discovered in Zammad before 3.5.1. An Agent with Customer permissions in a Group can bypass intended access control on internal Articles via the Ticket detail view.

via "National Vulnerability Database".
‼ CVE-2020-26033 ‼

An issue was discovered in Zammad before 3.4.1. The Tag and Link REST API endpoints (for add and delete) lack a CSRF token check.

via "National Vulnerability Database".
‼ CVE-2020-28096 ‼

FOSCAM FHD X1 1.14.2.4 devices allow attackers (with physical UART access) to login via the ipc.fos~ password.

via "National Vulnerability Database".
‼ CVE-2020-26034 ‼

An account-enumeration issue was discovered in Zammad before 3.4.1. The Create User functionality is implemented in a way that would enable an anonymous user to guess valid user email addresses. The application responds differently depending on whether the input supplied was recognized as associated with a valid user.

via "National Vulnerability Database".
‼ CVE-2020-26030 ‼

An issue was discovered in Zammad before 3.4.1. There is an authentication bypass in the SSO endpoint via a crafted header, when SSO is not configured. An attacker can create a valid and authenticated session that can be used to perform any actions in the name of other users.

via "National Vulnerability Database".
‼ CVE-2020-29194 ‼

Panasonic Security System WV-S2231L 4.25 allows a denial of service of the admin control panel (which will require a physical reset to restore administrative control) via Randomnum=99AC8CEC6E845B28&mode=1 in a POST request to the cgi-bin/set_factory URI.

via "National Vulnerability Database".
‼ CVE-2020-26028 ‼

An issue was discovered in Zammad before 3.4.1. Admin Users without a ticket.* permission can access Tickets.

via "National Vulnerability Database".
‼ CVE-2020-28093 ‼

On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, admin, support, user, and nobody have a password of 1234.

via "National Vulnerability Database".
‼ CVE-2020-26032 ‼

An SSRF issue was discovered in Zammad before 3.4.1. The SMS configuration interface for Massenversand is implemented in a way that renders the result of a test request to the User. An attacker can use this to request any URL via a GET request from the network interface of the server. This may lead to disclosure of information from intranet systems.

via "National Vulnerability Database".
‼ CVE-2020-29159 ‼

An issue was discovered in Zammad before 3.5.1. The default signup Role (for newly created Users) can be a privileged Role, if configured by an admin. This behavior was unintended.

via "National Vulnerability Database".
‼ CVE-2020-26029 ‼

An issue was discovered in Zammad before 3.4.1. There are wrong authorization checks for impersonation requests via X-On-Behalf-Of. The authorization checks are performed for the actual user and not the one given in the X-On-Behalf-Of header.

via "National Vulnerability Database".