|
The service offers a platform that allows Registrars to check for any performance and security problems present on... |
The main goal of the tool is to provide a simple and quick tool for cyber risk self-assessment. The tool requires two... |
An onthology represents an important resource for the organisation of a domain's knowledge in a more detailed way by... |
The service detects malicious signatures in analysed files, by scanning it with 57 different commercial anti-malware.... |
| Published | Description | |
|---|---|---|
| CVE-2020-24847 |
23-10-2020 19:15:00 |
A Cross-Site Request Forgery (CSRF) vulnerability is identified in FruityWifi through 2.4. Due to a lack of CSRF protection in page_config_adv.php, an unauthenticated attacker can lure the victim to visit his website by social engineering or another attack vector. Due to this issue, an unauthenticated attacker can change the newSSID and hostapd_wpa_passphrase. |
| CVE-2020-24848 |
23-10-2020 19:15:00 |
FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL]. This allows an attacker to perform a system-level (root) local privilege escalation, allowing an attacker to gain complete persistent access to the local system. |
| CVE-2020-25483 |
23-10-2020 18:15:00 |
An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server. |
| CVE-2020-5990 |
23-10-2020 18:15:00 |
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure. |
| CVE-2020-5977 |
23-10-2020 18:15:00 |
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure. |
| Date | Title | Platform | Author |
|---|---|---|---|
|
23-10-2020 |
User Registration & Login and User Management System 2.1 - SQL Injection | php | Ihsan Sencan |
|
23-10-2020 |
Online Library Management System 1.0 - Arbitrary File Upload | php | Jyotsna Adhana |
|
23-10-2020 |
Gym Management System 1.0 - 'id' SQL Injection | php | Jyotsna Adhana |
|
23-10-2020 |
Point of Sales 1.0 - 'username' SQL Injection | php | Jyotsna Adhana |
|
23-10-2020 |
TextPattern CMS 4.8.3 - Remote Code Execution (Authenticated) | php | 0blio_ |
Italiano
English