Export limit exceeded: 362848 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (85326 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-22403 1 Express-cart Project 1 Express-cart 2024-11-21 8.8 High
Cross Site Request Forgery (CSRF) vulnerability in Express cart v1.1.16 allows attackers to add an administrator account, add discount code or other unspecified impacts.
CVE-2020-22390 1 Akaunting 1 Akaunting 2024-11-21 8.8 High
Akaunting <= 2.0.9 is vulnerable to CSV injection in the Item name field, export function. Attackers can inject arbitrary code into the name parameter and perform code execution when the crafted file is opened.
CVE-2020-22345 1 Centreon 1 Centreon 2024-11-21 8.8 High
/graphStatus/displayServiceStatus.php in Centreon 19.10.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the RRDdatabase_path parameter.
CVE-2020-22284 1 Lwip Project 1 Lwip 2024-11-21 7.5 High
A buffer overflow vulnerability in the zepif_linkoutput() function of Free Software Foundation lwIP git head version and version 2.1.2 allows attackers to access sensitive information via a crafted 6LoWPAN packet.
CVE-2020-22283 1 Lwip Project 1 Lwip 2024-11-21 7.5 High
A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif() function of Free Software Foundation lwIP version git head allows attackers to access sensitive information via a crafted ICMPv6 packet.
CVE-2020-22278 1 Phpmyadmin 1 Phpmyadmin 2024-11-21 8.8 High
phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this because "the CSV file is accurately generated based on the database contents.
CVE-2020-22277 1 Codection 1 Import And Export Users And Customers 2024-11-21 8.0 High
Import and export users and customers WordPress Plugin through 1.15.5.11 allows CSV injection via a customer's profile.
CVE-2020-22275 1 Easyregistrationforms 1 Easy Registration Forms 2024-11-21 8.8 High
Easy Registration Forms (ER Forms) Wordpress Plugin 2.0.6 allows an attacker to submit an entry with malicious CSV commands. After that, when the system administrator generates CSV output from the forms information, there is no check on this inputs and the codes are executable.
CVE-2020-22219 2 Flac Project, Redhat 6 Flac, Enterprise Linux, Rhel Aus and 3 more 2024-11-21 7.8 High
Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder.
CVE-2020-22218 2 Libssh2, Redhat 2 Libssh2, Enterprise Linux 2024-11-21 7.5 High
An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory.
CVE-2020-22201 1 Phpcms 1 Phpcms 2024-11-21 8.8 High
phpCMS 2008 sp4 allowas remote malicious users to execute arbitrary php commands via the pagesize parameter to yp/product.php.
CVE-2020-22176 1 Phpgurukul 1 Hospital Management System 2024-11-21 7.5 High
PHPGurukul Hospital Management System in PHP v4.0 has a sensitive information disclosure vulnerability in multiple areas. Remote unauthenticated users can exploit the vulnerability to obtain user sensitive information.
CVE-2020-22175 1 Phpgurukul 1 Hospital Management System 2024-11-21 7.5 High
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\admin\betweendates-detailsreports.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22174 1 Phpgurukul 1 Hospital Management System 2024-11-21 7.5 High
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\book-appointment.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22173 1 Phpgurukul 1 Hospital Management System 2024-11-21 7.5 High
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\edit-profile.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22172 1 Phpgurukul 1 Hospital Management System 2024-11-21 7.5 High
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doctor.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22171 1 Phpgurukul 1 Hospital Management System 2024-11-21 7.5 High
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\registration.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22170 1 Phpgurukul 1 Hospital Management System 2024-11-21 7.5 High
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doctor.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22169 1 Phpgurukul 1 Hospital Management System 2024-11-21 7.5 High
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\appointment-history.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22168 1 Phpgurukul 1 Hospital Management System 2024-11-21 7.5 High
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\change-emaild.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.