| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 101 | CVE-2020-24196 | 434 | | Exec Code | 2020-08-27 | 2020-09-02 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | An Arbitrary File Upload in Vehicle Image Upload in Online Bike Rental v1.0 allows an authenticated admin to conduct remote code execution. |
| 102 | CVE-2020-24186 | 434 | | Exec Code | 2020-08-24 | 2022-01-01 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files, via the wmuUploadFiles AJAX action. |
| 103 | CVE-2020-24115 | 798 | | | 2020-08-31 | 2021-04-23 | 5.0 | None | Remote | Low | Not required | Partial | None | None | In projectworlds Online Book Store 1.0, Use of Hard-coded Credentials in source code leads to admin panel access. |
| 104 | CVE-2020-24104 | 79 | | XSS | 2020-08-30 | 2020-08-31 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | XSS on the PIX-Link Repeater/Router LV-WR07 with firmware v28K.Router.20170904 allows attackers to steal credentials without being connected to the network. The attack vector is a crafted ESSID, as demonstrated by the wireless.htm SET2 parameter. |
| 105 | CVE-2020-24057 | 78 | | Exec Code | 2020-08-21 | 2020-08-27 | 9.0 | None | Remote | Low | Single system | Complete | Complete | Complete | The management website of the Verint S5120FD Verint_FW_0_42 unit features a CGI endpoint ('ipfilter.cgi') that allows the user to manage network filtering on the unit. This endpoint is vulnerable to command injection. An authenticated attacker can leverage this issue to execute arbitrary commands as 'root'. |
| 106 | CVE-2020-24056 | 22 | | Dir. Trav. | 2020-08-21 | 2021-07-21 | 5.0 | None | Remote | Low | Not required | Partial | None | None | A hardcoded credentials vulnerability exists in Verint 5620PTZ Verint_FW_0_42, Verint 4320 V4320_FW_0_23, V4320_FW_0_31, and Verint S5120FD Verint_FW_0_42 units. This could cause a confidentiality issue when using the FTP, Telnet, or SSH protocols. (The CWE-22 / Dir. Trav. classification shown here does not match the description, which is a hard-coded credentials issue, CWE-798.) |
| 107 | CVE-2020-24055 | 787 | | Overflow | 2020-08-21 | 2020-08-27 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Verint 5620PTZ Verint_FW_0_42 and Verint 4320 V4320_FW_0_23 and V4320_FW_0_31 units feature an autodiscovery service implemented in the binary executable '/usr/sbin/DM' that listens on TCP port 6666. The service is vulnerable to a stack buffer overflow. It is worth noting that this service does not require any authentication. |
| 108 | CVE-2020-24054 | 78 | | Exec Code | 2020-08-21 | 2020-08-27 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | The administration console of the Moog EXO Series EXVF5C-2 and EXVP7C2-3 units features a 'statusbroadcast' command that can spawn a given process repeatedly at a certain time interval as 'root'. One of the limitations of this feature is that it only takes a path to a binary without arguments; however, this can be circumvented using special shell variables, such as '${IFS}'. As a result, an attacker can execute arbitrary commands as 'root' on the units. |
| 109 | CVE-2020-24053 | 22 | | Dir. Trav. | 2020-08-21 | 2021-07-21 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Moog EXO Series EXVF5C-2 and EXVP7C2-3 units have a hardcoded credentials vulnerability. This could cause a confidentiality issue when using the FTP, Telnet, or SSH protocols. (As with CVE-2020-24056 above, the CWE-22 / Dir. Trav. classification does not match the description, which is a hard-coded credentials issue, CWE-798.) |
| 110 | CVE-2020-24052 | 776 | | | 2020-08-21 | 2021-07-21 | 6.4 | None | Remote | Low | Not required | Partial | None | Partial | Several XML External Entity (XXE) vulnerabilities in the Moog EXO Series EXVF5C-2 and EXVP7C2-3 units allow remote unauthenticated users to read arbitrary files via a crafted Document Type Definition (DTD) in an XML request. |
| 111 | CVE-2020-24051 | 287 | | Bypass | 2020-08-21 | 2021-07-21 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | The Moog EXO Series EXVF5C-2 and EXVP7C2-3 units support the ONVIF interoperability IP-based physical security protocol, which requires authentication for some of its operations. It was found that the authentication check for those ONVIF operations can be bypassed. An attacker can abuse this issue to execute privileged operations without authentication, for instance to create a new Administrator user. |
| 112 | CVE-2020-24032 | 78 | | | 2020-08-18 | 2020-08-27 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows OS command injection via shell metacharacters in a timezone value supplied through cmd=set&tz=. |
| 113 | CVE-2020-24008 | 200 | | +Info | 2020-08-26 | 2021-07-21 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Umanni RH 1.0 has a user enumeration vulnerability. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine whether a user is valid, enabling a brute-force attack against valid users. |
| 114 | CVE-2020-24007 | 307 | | | 2020-08-26 | 2020-09-01 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Umanni RH 1.0 does not limit the number of authentication attempts. An unauthenticated user may exploit this to launch a brute-force authentication attack against the Login page. |
| 115 | CVE-2020-23984 | 79 | | XSS | 2020-08-27 | 2020-09-02 | 3.5 | None | Remote | Medium | Single system | None | Partial | None | Online Hotel Booking System Pro PHP Version 1.3 has Persistent Cross-site Scripting in the Customer registration form (all tags). |
| 116 | CVE-2020-23983 | 79 | | XSS | 2020-08-27 | 2020-09-02 | 3.5 | None | Remote | Medium | Single system | None | Partial | None | Michael-design iChat Realtime PHP Live Support System 1.6 has persistent Cross-site Scripting via chat text-field tags. |
| 117 | CVE-2020-23982 | 79 | | XSS | 2020-08-27 | 2020-09-02 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | DesignMasterEvents Conference management 1.0.0 has cross-site scripting via 'certificate.php'. |
| 118 | CVE-2020-23981 | 79 | | XSS | 2020-08-27 | 2020-08-28 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | 13enforme CMS 1.0 has Cross Site Scripting via the "content.php" id parameter. |
| 119 | CVE-2020-23980 | 89 | | Sql | 2020-08-27 | 2020-09-01 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | DesignMasterEvents Conference management 1.0.0 allows SQL Injection via the username field on the administrator login page. |
| 120 | CVE-2020-23979 | 89 | | Sql | 2020-08-27 | 2020-08-28 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | 13enforme CMS 1.0 has SQL Injection via the 'content.php' id parameter. |
| 121 | CVE-2020-23978 | 89 | | Sql | 2020-08-27 | 2020-08-28 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | SQL injection can occur in Soluzione Globale Ecommerce CMS v1 via the "offerta.php" parameter. |
| 122 | CVE-2020-23977 | 79 | | XSS | 2020-08-27 | 2020-09-02 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | KandNconcepts Club CMS 1.1 and 1.2 has cross-site scripting via the id parameter of 'team.php', 'player.php', and 'club.php'. |
| 123 | CVE-2020-23976 | 89 | | Sql | 2020-08-27 | 2020-08-31 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has SQL Injection via the 'content.php' id parameter. |
| 124 | CVE-2020-23975 | 79 | | XSS | 2020-08-27 | 2020-08-31 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has cross-site scripting via the 'search.php' id parameter. |
| 125 | CVE-2020-23974 | 79 | | XSS | 2020-08-27 | 2020-09-02 | 3.5 | None | Remote | Medium | Single system | None | Partial | None | Create-Project Manager 1.07 has multiple persistent Cross-site Scripting and HTML injection issues via Online chat, Social feed, Message (title tag), and Add new client (all tags). |
| 126 | CVE-2020-23973 | 89 | | Sql | 2020-08-27 | 2020-09-02 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | KandNconcepts Club CMS 1.1 and 1.2 has SQL Injection via the id parameter of 'team.php', 'player.php', and 'club.php'. |
| 127 | CVE-2020-23972 | 434 | | Bypass | 2020-08-27 | 2020-09-09 | 5.0 | None | Remote | Low | Not required | None | Partial | None | In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can access the upload function without authenticating to the application and can upload arbitrary files: the unrestricted file upload checks can be bypassed by changing the Content-Type and by giving the file a double extension. |
| 128 | CVE-2020-23936 | 287 | | Bypass | 2020-08-20 | 2021-07-21 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | PHPGurukul Vehicle Parking Management System 1.0 is vulnerable to Authentication Bypass via "Username: admin'# && Password: (Write Something)". |
| 129 | CVE-2020-23935 | 89 | | Sql Bypass | 2020-08-20 | 2021-12-14 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Kabir Alhasan Student Management System 1.0 is vulnerable to Authentication Bypass via "Username: admin'# && Password: (Write Something)". |
| 130 | CVE-2020-23934 | 78 | | Exec Code | 2020-08-18 | 2020-08-26 | 9.0 | None | Remote | Low | Single system | Complete | Complete | Complete | An issue was discovered in RiteCMS 2.2.1. An authenticated user can directly execute system commands by uploading a PHP web shell in the "Filemanager" section. |
| 131 | CVE-2020-23660 | 79 | | XSS | 2020-08-26 | 2020-08-28 | 3.5 | None | Remote | Medium | Single system | None | Partial | None | webTareas v2.1 is affected by Cross Site Scripting (XSS) on "Search." |
| 132 | CVE-2020-23659 | 79 | | XSS | 2020-08-26 | 2021-09-28 | 3.5 | None | Remote | Medium | Single system | None | Partial | None | WebPort-v1.19.17121 is affected by Cross Site Scripting (XSS) on the "connections" feature. |
| 133 | CVE-2020-23658 | 79 | | XSS | 2020-08-26 | 2020-09-01 | 3.5 | None | Remote | Medium | Single system | None | Partial | None | PHP-Fusion 9.03.60 is affected by Cross Site Scripting (XSS) via infusions/member_poll_panel/poll_admin.php. |
| 134 | CVE-2020-23657 | 79 | | XSS | 2020-08-26 | 2020-08-26 | 3.5 | None | Remote | Medium | Single system | None | Partial | None | NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "Configuration." |
| 135 | CVE-2020-23656 | 79 | | XSS | 2020-08-26 | 2020-08-26 | 3.5 | None | Remote | Medium | Single system | None | Partial | None | NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "Content." |
| 136 | CVE-2020-23655 | 79 | | XSS | 2020-08-26 | 2020-08-26 | 3.5 | None | Remote | Medium | Single system | None | Partial | None | NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "Configuration." |
| 137 | CVE-2020-23654 | 79 | | XSS | 2020-08-26 | 2020-08-26 | 3.5 | None | Remote | Medium | Single system | None | Partial | None | NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) via the module "Shop." |
| 138 | CVE-2020-23576 | 79 | | XSS | 2020-08-27 | 2020-09-02 | 3.5 | None | Remote | Medium | Single system | None | Partial | None | Laborator Neon dashboard v3 is affected by stored Cross Site Scripting (XSS) via the chat tab. |
| 139 | CVE-2020-23574 | 434 | | Overflow | 2020-08-19 | 2021-07-21 | 4.0 | None | Remote | Low | Single system | None | None | Partial | When uploading a file in Sysax Multi Server 6.90, an authenticated user can modify the filename="" parameter in the uploadfile_name1.htm form to a length of 368 or more bytes. This creates a buffer overflow condition, causing the application to crash. |
| 140 | CVE-2020-22722 | 434 | | | 2020-08-14 | 2020-08-21 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete | Rapid Software LLC Rapid SCADA 5.8.0 is affected by a local privilege escalation vulnerability in the ScadaAgentSvc.exe executable file. An attacker can obtain admin privileges by placing a malicious .exe file in the application directory and renaming it ScadaAgentSvc.exe, which results in the binary executing as NT AUTHORITY\SYSTEM on Windows. For example, an attacker can plant a reverse shell from a low-privileged user account; after a reboot, the malicious service starts as NT AUTHORITY\SYSTEM, giving the attacker full system access to the PC. |
| 141 | CVE-2020-22721 | 434 | | Exec Code | 2020-08-14 | 2020-08-21 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial | A File Upload Vulnerability in PNotes - Andrey Gruber PNotes.NET v3.8.1.2 allows a local attacker to execute arbitrary code via the Miscellaneous > External Programs setting by uploading a malicious .exe file as the external program. |
| 142 | CVE-2020-20634 | 732 | | | 2020-08-21 | 2021-07-21 | 4.0 | None | Remote | Low | Single system | None | Partial | None | The Elementor WordPress plugin 2.9.5 and below allows authenticated users to activate its safe mode feature. This can be exploited to disable all security plugins on the blog. |
| 143 | CVE-2020-20633 | 79 | | XSS | 2020-08-21 | 2020-08-28 | 3.5 | None | Remote | Medium | Single system | None | Partial | None | ajax_policy_generator in admin/modules/cli-policy-generator/classes/class-policy-generator-ajax.php in the GDPR Cookie Consent (cookie-law-info) plugin 1.8.2 and below for WordPress allows authenticated stored XSS and privilege escalation. |
| 144 | CVE-2020-20628 | 79 | | XSS | 2020-08-31 | 2020-08-31 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | controller/controller-comments.php in the WP GDPR plugin through 2.1.1 has unauthenticated stored XSS. |
| 145 | CVE-2020-20627 | 306 | | | 2020-08-31 | 2020-10-26 | 5.0 | None | Remote | Low | Not required | None | Partial | None | includes/gateways/stripe/includes/admin/admin-actions.php in the GiveWP plugin through 2.5.9 for WordPress allows unauthenticated settings changes. |
| 146 | CVE-2020-20626 | 79 | | XSS | 2020-08-31 | 2020-09-08 | 3.5 | None | Remote | Medium | Single system | None | Partial | None | lara-google-analytics.php in the Lara Google Analytics plugin through 2.0.4 for WordPress allows authenticated stored XSS. |
| 147 | CVE-2020-20625 | 89 | | Sql | 2020-08-31 | 2020-09-04 | 5.0 | None | Remote | Low | Not required | Partial | None | None | The Sliced Invoices plugin for WordPress 3.8.2 and earlier allows unauthenticated information disclosure and authenticated SQL injection via core/class-sliced.php. |
| 148 | CVE-2020-19891 | 787 | | | 2020-08-24 | 2020-08-25 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | DBHcms v1.2.0 has an arbitrary file write vulnerability in dbhcms\mod\mod.editor.php: $_POST['updatefile'] is the filename and $_POST['tinymce_content'] is the file content, and neither is filtered. A remote authenticated admin user can exploit this to obtain a webshell. |
| 149 | CVE-2020-19890 | 200 | | +Info | 2020-08-24 | 2021-07-21 | 4.0 | None | Remote | Low | Single system | Partial | None | None | DBHcms v1.2.0 has an arbitrary file read vulnerability in dbhcms\mod\mod.editor.php: $_GET['file'] is the filename and is not filtered, so the content of any file can be read. |
| 150 | CVE-2020-19889 | 352 | | CSRF | 2020-08-24 | 2020-08-26 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | DBHcms v1.2.0 has no CSRF protection mechanism, as demonstrated by a CSRF against index.php?dbhcms_pid=-70 that can add a user. |
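The command injection rows above (CVE-2020-24057, CVE-2020-24054 and CVE-2020-24032) share one root cause: a user-controlled string reaches a shell. The `${IFS}` trick in the Moog entry defeats a "no spaces, no arguments" filter because the shell's field separator is expanded after the check has run. The following is an added example, not code from any of the listed products: `run_naive` and `run_hardened` are hypothetical stand-ins for the "run this binary path" feature, and `timezone_argv` shows the allowlist-plus-argv pattern for the `tz=` case (the `timedatectl` command it builds is an assumed target, never executed here).

```python
import os
import re
import subprocess
from typing import List, Optional

# Added example; names, regexes and the target command are constructed.
METACHARS = re.compile(r"[ ;&|`<>\n]")   # what a naive filter typically blocks
SAFE_PATH = re.compile(r"/[A-Za-z0-9_.+-]+(?:/[A-Za-z0-9_.+-]+)*")  # absolute path, no shell syntax
SAFE_TZ = re.compile(r"[A-Za-z0-9_+-]+(?:/[A-Za-z0-9_+-]+){0,2}")   # e.g. Europe/Berlin, Etc/GMT+2


def run_naive(path: str) -> str:
    """Vulnerable: rejects spaces and common separators, then hands the string
    to sh. '${IFS}' contains no blocked character, but the shell expands it to
    whitespace and re-splits, so 'echo${IFS}injected' runs echo with an argument."""
    if METACHARS.search(path):
        return "rejected"
    proc = subprocess.run(["sh", "-c", path], capture_output=True, text=True,
                          stdin=subprocess.DEVNULL)
    return proc.stdout.strip()


def run_hardened(path: str) -> str:
    """Fixed: a strict allowlist on the path ($ { } and whitespace never match)
    and no shell at all, so there is nothing left to expand. The argv list is
    passed straight to exec; the kernel does no word splitting."""
    if not SAFE_PATH.fullmatch(path) or ".." in path:
        return "rejected"
    if not (os.path.isfile(path) and os.access(path, os.X_OK)):
        return "rejected"
    proc = subprocess.run([path], capture_output=True, text=True,
                          stdin=subprocess.DEVNULL)
    return proc.stdout.strip()


def timezone_argv(tz: str) -> Optional[List[str]]:
    """For the tz= case: validate the value against an allowlist pattern and
    build an argv list; never interpolate it into a command string.
    Returns None for anything the pattern does not match."""
    if not SAFE_TZ.fullmatch(tz):
        return None
    return ["timedatectl", "set-timezone", tz]   # hypothetical target command, not run here


if __name__ == "__main__":
    print(run_naive("echo injected"))              # rejected by the space filter
    print(run_naive("echo${IFS}injected"))         # bypass: prints 'injected'
    print(run_hardened("/bin/echo${IFS}injected")) # rejected
    print(timezone_argv("UTC;id"), timezone_argv("Europe/Berlin"))
```

The point of `run_hardened` is not the regex alone: even a perfect blocklist cannot keep up with `${IFS}`, `$'\x20'`, brace expansion and the rest, whereas `subprocess.run([path])` with a list never invokes a shell, so the question of separators does not arise.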
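Rows 119, 120, 121, 123, 126, 128, 129 and 147 are all SQL injection, and the two "Authentication Bypass" entries spell out the payload: `admin'#` closes the string literal and comments out the password comparison. The example below is added here and is not code from any of those products; it uses an in-memory SQLite database with one constructed user and plaintext passwords purely so the query shape stays readable (a real login compares password hashes). SQLite does not treat `#` as a comment, so the MySQL payload errors there and the `-- ` form is used instead; the mechanism is identical.

```python
import sqlite3
from typing import Optional

# Added example; the users table and credentials are constructed.


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT NOT NULL)")
    conn.execute("INSERT INTO users VALUES ('admin', 'correct-horse-battery')")
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> Optional[str]:
    """String-built query. With username "admin'-- " the statement becomes
      SELECT username FROM users WHERE username = 'admin'-- ' AND password = '...'
    and everything after the comment marker is ignored."""
    sql = ("SELECT username FROM users WHERE username = '%s' AND password = '%s'"
           % (username, password))
    try:
        row = conn.execute(sql).fetchone()
    except sqlite3.OperationalError:
        return "syntax-error"   # e.g. the MySQL-style '#' comment is not valid SQLite
    return row[0] if row else None


def login_fixed(conn: sqlite3.Connection, username: str, password: str) -> Optional[str]:
    """Parameterised query: the driver binds the values separately from the
    statement text, so a quote or comment marker is just data."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = make_db()
    print(login_vulnerable(db, "admin'-- ", "anything"))   # admin
    print(login_fixed(db, "admin'-- ", "anything"))        # None
```

The same fix applies to the `id` parameter cases (content.php, team.php, player.php, club.php, offerta.php): bind the value, or, for numeric ids, convert with `int()` first and let a `ValueError` reject the request.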
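The upload entries (CVE-2020-24196, CVE-2020-24186, CVE-2020-23972, CVE-2020-23934) and the GMapFP description in particular name the two classic bypasses: a forged Content-Type header and a double extension such as `shell.php.png`. The Sysax entry (CVE-2020-23574) adds a third failure, an unbounded filename. The code below is an added example, not from any of those projects: `weak_check` reproduces the broken pattern and `strict_check` is one hardened validator. The magic-byte table and the 128-byte name limit are constructed values.

```python
import re
import secrets
from typing import Optional

# Added example; constants are constructed for the demonstration.
IMAGE_MAGIC = {
    "png": b"\x89PNG\r\n\x1a\n",
    "jpg": b"\xff\xd8\xff",
    "jpeg": b"\xff\xd8\xff",
    "gif": b"GIF8",
}
MAX_NAME_LEN = 128                      # also a cheap guard against overlong-filename bugs
IMAGE_EXT_ANYWHERE = re.compile(r"\.(png|jpe?g|gif)", re.IGNORECASE)


def weak_check(filename: str, content_type: str) -> bool:
    """Typical broken check: trusts the client-supplied Content-Type and looks
    for an image extension *anywhere* in the name, so 'shell.png.php' sent as
    image/png is accepted and later served as PHP."""
    return content_type.startswith("image/") and IMAGE_EXT_ANYWHERE.search(filename) is not None


def strict_check(filename: str, data: bytes) -> Optional[str]:
    """Returns the server-chosen storage name, or None to reject.
    - no path separators, NULs or overlong names
    - decision made on the LAST extension only, against an allowlist
    - the content must start with the magic bytes for that type
    - stored under a random name, so 'shell.php.png' becomes '<hex>.png' and a
      web server that honours multiple extensions never sees '.php'"""
    if not filename or len(filename) > MAX_NAME_LEN:
        return None
    if any(c in filename for c in "/\\\x00"):
        return None
    base, dot, ext = filename.rpartition(".")
    if not dot or not base:
        return None
    ext = ext.lower()
    magic = IMAGE_MAGIC.get(ext)
    if magic is None or not data.startswith(magic):
        return None
    return f"{secrets.token_hex(16)}.{ext}"


if __name__ == "__main__":
    print(weak_check("shell.png.php", "image/png"))                      # True: bypass
    print(strict_check("shell.png.php", IMAGE_MAGIC["png"]))             # None
    print(strict_check("shell.php.png", b"<?php system($_GET['c']); ?>")) # None
    print(strict_check("photo.PNG", IMAGE_MAGIC["png"] + b"\x00" * 8))   # <random>.png
```

A valid image header does not prove the rest of the file is an image (PHP can be appended to a real PNG), which is why the random name and an upload directory with script execution disabled are the controls that matter; the magic check mainly stops plain text shells.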
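The two DBHcms editor entries (CVE-2020-19891 and CVE-2020-19890) are the same bug in both directions: a request parameter is used as a filename with no filter, giving arbitrary file read and, for the write, a webshell. The following added example is not DBHcms code; `resolve_inside` is the containment check that was missing, and `demo` builds a throwaway directory tree (constructed) to show the vulnerable and fixed reads side by side. The `EDITABLE_EXT` allowlist is an assumed policy for the write path.

```python
import os
import tempfile
from typing import Dict, Optional

# Added example; the directory layout and extension policy are constructed.
EDITABLE_EXT = {".html", ".css", ".txt", ".md"}   # no server-side code types


def resolve_inside(root: str, name: str) -> Optional[str]:
    """Resolve `name` relative to `root` and return the absolute path only if it
    is still inside root after '..' components and symlinks are collapsed.
    An absolute `name` makes os.path.join discard root, which realpath +
    commonpath then catches."""
    root_real = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root_real, name))
    if os.path.commonpath([root_real, candidate]) != root_real:
        return None
    return candidate


def read_vulnerable(root: str, name: str) -> str:
    with open(os.path.join(root, name), "r") as f:   # no containment check
        return f.read()


def read_fixed(root: str, name: str) -> Optional[str]:
    path = resolve_inside(root, name)
    if path is None or not os.path.isfile(path):
        return None
    with open(path, "r") as f:
        return f.read()


def write_fixed(root: str, name: str, content: str) -> bool:
    path = resolve_inside(root, name)
    if path is None or os.path.splitext(path)[1].lower() not in EDITABLE_EXT:
        return False
    with open(path, "w") as f:
        f.write(content)
    return True


def demo() -> Dict[str, object]:
    """Constructed layout:
         <tmp>/secret.txt        outside the editor root
         <tmp>/site/index.html   inside it"""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "site")
        os.mkdir(root)
        with open(os.path.join(tmp, "secret.txt"), "w") as f:
            f.write("db-password")
        with open(os.path.join(root, "index.html"), "w") as f:
            f.write("<h1>hi</h1>")
        results: Dict[str, object] = {
            "vuln_traversal": read_vulnerable(root, "../secret.txt"),
            "fixed_traversal": read_fixed(root, "../secret.txt"),
            "fixed_absolute": read_fixed(root, os.path.join(tmp, "secret.txt")),
            "fixed_legit": read_fixed(root, "index.html"),
            "write_php": write_fixed(root, "shell.php", "<?php system($_GET['c']); ?>"),
            "write_outside": write_fixed(root, "../../x.html", "x"),
            "write_legit": write_fixed(root, "page.html", "<p>ok</p>"),
        }
        results["written"] = read_fixed(root, "page.html")
        return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v!r}")
```

`realpath` before `commonpath` is what makes this hold up against symlinks planted inside the root; a plain string-prefix check on the unresolved path would not.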
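The two Umanni RH rows (CVE-2020-24008 and CVE-2020-24007) describe the pair of weaknesses that turn a password form into an oracle: recovery messages that differ for valid and invalid users, and no cap on login attempts. The `AuthService` below is an added example, not Umanni code. It returns one fixed recovery message regardless of account existence, hashes a dummy credential for unknown users so the timing path is the same, and enforces a per-account lockout. The user list, the 5-attempt limit and the 900-second window are constructed values; `now` is passed in explicitly so the behaviour is testable without sleeping.

```python
import hashlib
import hmac
import os
from typing import Dict, List

# Added example; users, limits and the dummy credential are constructed.
ITERATIONS = 100_000
RECOVERY_MESSAGE = "If that account exists, a reset link has been sent."


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


class AuthService:
    def __init__(self, users: Dict[str, str], max_attempts: int = 5, lockout_seconds: int = 900):
        self._users: Dict[str, tuple] = {}
        for name, pw in users.items():
            salt = os.urandom(16)
            self._users[name] = (salt, hash_password(pw, salt))
        # Dummy credential: unknown usernames cost the same PBKDF2 work as real ones.
        self._dummy_salt = os.urandom(16)
        self._dummy_hash = hash_password("dummy", self._dummy_salt)
        self._max = max_attempts
        self._lock = lockout_seconds
        self._failures: Dict[str, List[float]] = {}   # username -> [count, first_failure_ts]
        self.sent_resets: List[str] = []               # stands in for the outgoing mail queue

    def recover(self, username: str) -> str:
        """Same message whether or not the account exists; only the side effect differs."""
        if username in self._users:
            self.sent_resets.append(username)
        return RECOVERY_MESSAGE

    def _locked(self, username: str, now: float) -> bool:
        rec = self._failures.get(username)
        if rec is None:
            return False
        count, first = rec
        if now - first > self._lock:          # window expired: forget the failures
            del self._failures[username]
            return False
        return count >= self._max

    def login(self, username: str, password: str, now: float) -> str:
        """Returns 'ok', 'invalid' or 'locked'. Known and unknown users take the
        same hashing path and receive the same 'invalid' string."""
        if self._locked(username, now):
            return "locked"
        salt, expected = self._users.get(username, (self._dummy_salt, self._dummy_hash))
        match = hmac.compare_digest(hash_password(password, salt), expected)
        if match and username in self._users:
            self._failures.pop(username, None)
            return "ok"
        count, first = self._failures.get(username, [0, now])
        self._failures[username] = [count + 1, first]
        return "invalid"


if __name__ == "__main__":
    svc = AuthService({"admin": "s3cret"})
    print(svc.recover("admin") == svc.recover("nobody"))   # True
    for t in range(5):
        svc.login("admin", "wrong", 1000.0 + t)
    print(svc.login("admin", "s3cret", 1010.0))            # locked
```

Per-account lockout alone lets an attacker lock legitimate users out; in practice it is paired with a per-source-IP limit and, for the recovery path, a rate limit on the mail side so the uniform message cannot be used to flood a mailbox.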