{
"Source": "CVE FEED",
"Title": "CVE-2022-50951 - WiFi File Transfer 1.0.8 Persistent XSS via Web Server Input Validation",
"Content": "CVE ID : CVE-2022-50951
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : WiFi File Transfer 1.0.8 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through file and folder names. Attackers can exploit the web server's input validation weakness to execute arbitrary JavaScript when users preview infected file paths, potentially compromising user browser sessions.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2022-50951 - WiFi File Transfer 1.0.8 Persistent XSS via Web Server Input Validation",
"Content": "CVE ID : CVE-2022-50951
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : WiFi File Transfer 1.0.8 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through file and folder names. Attackers can exploit the web server's input validation weakness to execute arbitrary JavaScript when users preview infected file paths, potentially compromising user browser sessions.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2022-50952 - Banco Guayaquil 8.0.0 Mobile iOS Cross-Site Scripting via Profile Name Input",
"Content": "CVE ID : CVE-2022-50952
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : Banco Guayaquil 8.0.0 mobile iOS application contains a persistent cross-site scripting vulnerability in the TextBox Name Profile input. Attackers can inject malicious script code through a POST request that executes on application review without user interaction.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2022-50952 - Banco Guayaquil 8.0.0 Mobile iOS Cross-Site Scripting via Profile Name Input",
"Content": "CVE ID : CVE-2022-50952
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : Banco Guayaquil 8.0.0 mobile iOS application contains a persistent cross-site scripting vulnerability in the TextBox Name Profile input. Attackers can inject malicious script code through a POST request that executes on application review without user interaction.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2021-47918 - Simple CMS 2.1 SQL Injection Vulnerability via Users Module",
"Content": "CVE ID : CVE-2021-47918
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2021-47918 - Simple CMS 2.1 SQL Injection Vulnerability via Users Module",
"Content": "CVE ID : CVE-2021-47918
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2021-47919 - Simple CMS 2.1 Non-Persistent Cross-Site Scripting via Preview Parameter",
"Content": "CVE ID : CVE-2021-47919
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2021-47919 - Simple CMS 2.1 Non-Persistent Cross-Site Scripting via Preview Parameter",
"Content": "CVE ID : CVE-2021-47919
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2021-47920 - WebMO Job Manager 20.0 Cross-Site Scripting via Search Parameters",
"Content": "CVE ID : CVE-2021-47920
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : WebMO Job Manager 20.0 contains a cross-site scripting vulnerability in search parameters that allows remote attackers to inject malicious script code. Attackers can exploit the filterSearch and filterSearchType parameters to perform non-persistent attacks including session hijacking and external redirects.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2021-47920 - WebMO Job Manager 20.0 Cross-Site Scripting via Search Parameters",
"Content": "CVE ID : CVE-2021-47920
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : WebMO Job Manager 20.0 contains a cross-site scripting vulnerability in search parameters that allows remote attackers to inject malicious script code. Attackers can exploit the filterSearch and filterSearchType parameters to perform non-persistent attacks including session hijacking and external redirects.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2021-47921 - Free Photo & Video Vault 0.0.2 Directory Traversal Vulnerability via Web Request",
"Content": "CVE ID : CVE-2021-47921
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : Free Photo & Video Vault 0.0.2 contains a directory traversal web vulnerability that allows remote attackers to manipulate application path requests and access sensitive system files. Attackers can exploit the vulnerability without privileges to retrieve environment variables and access unauthorized system paths.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2021-47921 - Free Photo & Video Vault 0.0.2 Directory Traversal Vulnerability via Web Request",
"Content": "CVE ID : CVE-2021-47921
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : Free Photo & Video Vault 0.0.2 contains a directory traversal web vulnerability that allows remote attackers to manipulate application path requests and access sensitive system files. Attackers can exploit the vulnerability without privileges to retrieve environment variables and access unauthorized system paths.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2022-50797 - Stripe Green Downloads Wordpress Plugin 2.03 Persistent XSS via Settings",
"Content": "CVE ID : CVE-2022-50797
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : Stripe Green Downloads Wordpress Plugin 2.03 contains a persistent cross-site scripting vulnerability allowing remote attackers to inject malicious scripts in button label fields. Attackers can exploit input parameters to execute arbitrary scripts, potentially leading to session hijacking and application module manipulation.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2022-50797 - Stripe Green Downloads Wordpress Plugin 2.03 Persistent XSS via Settings",
"Content": "CVE ID : CVE-2022-50797
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : Stripe Green Downloads Wordpress Plugin 2.03 contains a persistent cross-site scripting vulnerability allowing remote attackers to inject malicious scripts in button label fields. Attackers can exploit input parameters to execute arbitrary scripts, potentially leading to session hijacking and application module manipulation.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2021-47917 - Simple CMS 2.1 Persistent Cross-Site Scripting via User Input Parameters",
"Content": "CVE ID : CVE-2021-47917
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading to session hijacking and application manipulation.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2021-47917 - Simple CMS 2.1 Persistent Cross-Site Scripting via User Input Parameters",
"Content": "CVE ID : CVE-2021-47917
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading to session hijacking and application manipulation.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2021-47911 - Affiliate Pro 1.7 Reflected Cross-Site Scripting via Index Module",
"Content": "CVE ID : CVE-2021-47911
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : Affiliate Pro 1.7 contains multiple reflected cross-site scripting vulnerabilities in the index module's input fields. Attackers can inject malicious scripts through fullname, username, and email parameters to execute client-side attacks and manipulate browser requests.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2021-47911 - Affiliate Pro 1.7 Reflected Cross-Site Scripting via Index Module",
"Content": "CVE ID : CVE-2021-47911
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : Affiliate Pro 1.7 contains multiple reflected cross-site scripting vulnerabilities in the index module's input fields. Attackers can inject malicious scripts through fullname, username, and email parameters to execute client-side attacks and manipulate browser requests.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2021-47912 - PHP Melody 3.0 Non-Persistent Cross-Site Scripting via Multiple Parameters",
"Content": "CVE ID : CVE-2021-47912
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : PHP Melody version 3.0 contains multiple non-persistent cross-site scripting vulnerabilities in categories, import, and user import files. Attackers can inject malicious scripts through unvalidated parameters to execute client-side attacks and potentially hijack user sessions.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2021-47912 - PHP Melody 3.0 Non-Persistent Cross-Site Scripting via Multiple Parameters",
"Content": "CVE ID : CVE-2021-47912
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : PHP Melody version 3.0 contains multiple non-persistent cross-site scripting vulnerabilities in categories, import, and user import files. Attackers can inject malicious scripts through unvalidated parameters to execute client-side attacks and potentially hijack user sessions.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2021-47913 - PHP Melody 3.0 Persistent Cross-Site Scripting via Video Editor",
"Content": "CVE ID : CVE-2021-47913
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : PHP Melody 3.0 contains a persistent cross-site scripting vulnerability in the video editor that allows privileged users to inject malicious scripts. Attackers can exploit the WYSIWYG editor to execute persistent scripts, potentially leading to session hijacking and application manipulation.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2021-47913 - PHP Melody 3.0 Persistent Cross-Site Scripting via Video Editor",
"Content": "CVE ID : CVE-2021-47913
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : PHP Melody 3.0 contains a persistent cross-site scripting vulnerability in the video editor that allows privileged users to inject malicious scripts. Attackers can exploit the WYSIWYG editor to execute persistent scripts, potentially leading to session hijacking and application manipulation.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2021-47914 - PHP Melody 3.0 Persistent XSS Vulnerability via Edit Video Parameter",
"Content": "CVE ID : CVE-2021-47914
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : PHP Melody version 3.0 contains a persistent cross-site scripting vulnerability in the edit-video.php submitted parameter that allows remote attackers to inject malicious script code. Attackers can exploit this vulnerability to execute arbitrary JavaScript, potentially leading to session hijacking, persistent phishing, and manipulation of application modules.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2021-47914 - PHP Melody 3.0 Persistent XSS Vulnerability via Edit Video Parameter",
"Content": "CVE ID : CVE-2021-47914
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : PHP Melody version 3.0 contains a persistent cross-site scripting vulnerability in the edit-video.php submitted parameter that allows remote attackers to inject malicious script code. Attackers can exploit this vulnerability to execute arbitrary JavaScript, potentially leading to session hijacking, persistent phishing, and manipulation of application modules.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2021-47915 - PHP Melody 3.0 SQL Injection Vulnerability via Edit Video Parameter",
"Content": "CVE ID : CVE-2021-47915
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : PHP Melody version 3.0 contains a remote SQL injection vulnerability in the video edit module that allows authenticated attackers to inject malicious SQL commands. Attackers can exploit the unvalidated 'vid' parameter to execute arbitrary database queries and potentially compromise the web application and database management system.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2021-47915 - PHP Melody 3.0 SQL Injection Vulnerability via Edit Video Parameter",
"Content": "CVE ID : CVE-2021-47915
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : PHP Melody version 3.0 contains a remote SQL injection vulnerability in the video edit module that allows authenticated attackers to inject malicious SQL commands. Attackers can exploit the unvalidated 'vid' parameter to execute arbitrary database queries and potentially compromise the web application and database management system.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2021-47916 - Simple CMS 2.1 SQL Injection Vulnerability via Users Module",
"Content": "CVE ID : CVE-2021-47916
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2021-47916 - Simple CMS 2.1 SQL Injection Vulnerability via Users Module",
"Content": "CVE ID : CVE-2021-47916
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2021-47856 - Easy Cart Shopping Cart 2021 Cross-Site Scripting via Search Parameter",
"Content": "CVE ID : CVE-2021-47856
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : Easy Cart Shopping Cart 2021 contains a non-persistent cross-site scripting vulnerability in the search module's keyword parameter. Remote attackers can inject malicious script code through the search input to compromise user sessions and manipulate application content.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2021-47856 - Easy Cart Shopping Cart 2021 Cross-Site Scripting via Search Parameter",
"Content": "CVE ID : CVE-2021-47856
Published : Feb. 1, 2026, 1:15 p.m. | 16 minutes ago
Description : Easy Cart Shopping Cart 2021 contains a non-persistent cross-site scripting vulnerability in the search module's keyword parameter. Remote attackers can inject malicious script code through the search input to compromise user sessions and manipulate application content.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2020-37055 - SpyHunter 4 - 'SpyHunter 4 Service' Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37055
Published : Feb. 1, 2026, 3:16 p.m. | 17 minutes ago
Description : SpyHunter 4 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific file system locations to gain elevated access during service startup.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2020-37055 - SpyHunter 4 - 'SpyHunter 4 Service' Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37055
Published : Feb. 1, 2026, 3:16 p.m. | 17 minutes ago
Description : SpyHunter 4 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific file system locations to gain elevated access during service startup.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2020-37063 - TFTP Turbo 4.6.1273 - 'TFTP Turbo 4' Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37063
Published : Feb. 1, 2026, 3:16 p.m. | 17 minutes ago
Description : TFTP Turbo 4.6.1273 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be launched with LocalSystem permissions.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2020-37063 - TFTP Turbo 4.6.1273 - 'TFTP Turbo 4' Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37063
Published : Feb. 1, 2026, 3:16 p.m. | 17 minutes ago
Description : TFTP Turbo 4.6.1273 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be launched with LocalSystem permissions.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2020-37061 - BOOTP Turbo 2.0.1214 - 'BOOTP Turbo' Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37061
Published : Feb. 1, 2026, 3:16 p.m. | 17 minutes ago
Description : BOOTP Turbo 2.0.1214 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted executable path to inject malicious code that will be executed when the service starts with LocalSystem permissions.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2020-37061 - BOOTP Turbo 2.0.1214 - 'BOOTP Turbo' Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37061
Published : Feb. 1, 2026, 3:16 p.m. | 17 minutes ago
Description : BOOTP Turbo 2.0.1214 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted executable path to inject malicious code that will be executed when the service starts with LocalSystem permissions.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2020-37062 - DHCP Turbo 4.6.1298- 'DHCP Turbo 4' Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37062
Published : Feb. 1, 2026, 3:16 p.m. | 17 minutes ago
Description : DHCP Turbo 4.61298 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. Attackers can place malicious executables in the service path to gain elevated privileges when the service starts.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2020-37062 - DHCP Turbo 4.6.1298- 'DHCP Turbo 4' Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37062
Published : Feb. 1, 2026, 3:16 p.m. | 17 minutes ago
Description : DHCP Turbo 4.61298 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. Attackers can place malicious executables in the service path to gain elevated privileges when the service starts.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2020-37064 - EPSON EasyMP Network Projection 2.81 - 'EMP_NSWLSV' Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37064
Published : Feb. 1, 2026, 3:16 p.m. | 17 minutes ago
Description : EPSON EasyMP Network Projection 2.81 contains an unquoted service path vulnerability in the EMP_NSWLSV service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\EPSON Projector\EasyMP Network Projection V2\ to inject malicious code that would execute with LocalSystem privileges.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2020-37064 - EPSON EasyMP Network Projection 2.81 - 'EMP_NSWLSV' Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37064
Published : Feb. 1, 2026, 3:16 p.m. | 17 minutes ago
Description : EPSON EasyMP Network Projection 2.81 contains an unquoted service path vulnerability in the EMP_NSWLSV service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\EPSON Projector\EasyMP Network Projection V2\ to inject malicious code that would execute with LocalSystem privileges.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2020-37045 - NetBackup 7.0 - 'NetBackup INET Daemon' Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37045
Published : Feb. 1, 2026, 3:16 p.m. | 17 minutes ago
Description : Veritas NetBackup 7.0 contains an unquoted service path vulnerability in the NetBackup INET Daemon service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Veritas\NetBackup\bin\bpinetd.exe to inject malicious code that would execute with elevated LocalSystem privileges.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2020-37045 - NetBackup 7.0 - 'NetBackup INET Daemon' Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37045
Published : Feb. 1, 2026, 3:16 p.m. | 17 minutes ago
Description : Veritas NetBackup 7.0 contains an unquoted service path vulnerability in the NetBackup INET Daemon service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Veritas\NetBackup\bin\bpinetd.exe to inject malicious code that would execute with elevated LocalSystem privileges.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "01 Feb 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹