Export limit exceeded: 13816 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10041 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10041 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-19822 | 1 Zzcms | 1 Zzcms | 2024-11-21 | 7.2 High |
| A remote code execution (RCE) vulnerability in template_user.php of ZZCMS version 2018 allows attackers to execute arbitrary PHP code via the "ml" and "title" parameters. | ||||
| CVE-2020-19625 | 1 Gridx Project | 1 Gridx | 2024-11-21 | 9.8 Critical |
| Remote Code Execution Vulnerability in tests/support/stores/test_grid_filter.php in oria gridx 1.3, allows remote attackers to execute arbitrary code, via crafted value to the $query parameter. | ||||
| CVE-2020-19551 | 1 Wuzhicms | 1 Wuzhicms | 2024-11-21 | 8.8 High |
| Blacklist bypass issue exists in WUZHI CMS up to and including 4.1.0 in common.func.php, which when uploaded can cause remote code executiong. | ||||
| CVE-2020-19113 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-11-21 | 9.8 Critical |
| Arbitrary File Upload vulnerability in Online Book Store v1.0 in admin_add.php, which may lead to remote code execution. | ||||
| CVE-2020-18737 | 1 Typora | 1 Typora | 2024-11-21 | 6.1 Medium |
| An issue was discovered in Typora 0.9.67. There is an XSS vulnerability that causes Remote Code Execution. | ||||
| CVE-2020-17952 | 1 Twothink Project | 1 Twothink | 2024-11-21 | 9.8 Critical |
| A remote code execution (RCE) vulnerability in /library/think/App.php of Twothink v2.0 allows attackers to execute arbitrary PHP code. | ||||
| CVE-2020-17551 | 1 Impresscms | 1 Impresscms | 2024-11-21 | 4.8 Medium |
| ImpressCMS 1.4.0 is affected by XSS in modules/system/admin.php which may result in arbitrary remote code execution. | ||||
| CVE-2020-17504 | 1 Barco | 5 Transform N, Transform Ndn-210 Lite, Transform Ndn-210 Pro and 2 more | 2024-11-21 | 7.2 High |
| The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in ngpsystemcmd.php in which the http parameters "x_modules" and "y_modules" are not properly handled. The NDN-210 is part of Barco TransForm N solution and this vulnerability is patched from TransForm N version 3.8 onwards. | ||||
| CVE-2020-17503 | 1 Barco | 5 Transform N, Transform Ndn-210 Lite, Transform Ndn-210 Pro and 2 more | 2024-11-21 | 7.2 High |
| The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in split_card_cmd.php in which the http parameter "locking" is not properly handled. The NDN-210 is part of Barco TransForm N solution and this vulnerability is patched from TransForm N version 3.8 onwards. | ||||
| CVE-2020-17502 | 1 Barco | 5 Transform N, Transform Ndn-210 Lite, Transform Ndn-210 Pro and 2 more | 2024-11-21 | 7.2 High |
| Barco TransForm N before 3.8 allows Command Injection (issue 2 of 4). The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users of the administration panel to perform authenticated remote code execution. An issue exists in split_card_cmd.php in which the http parameters xmodules, ymodules and savelocking are not properly handled. The NDN-210 is part of Barco TransForm N solution and includes the patch from TransForm N version 3.8 onwards. | ||||
| CVE-2020-17500 | 1 Barco | 5 Transform N, Transform Ndn-210 Lite, Transform Ndn-210 Pro and 2 more | 2024-11-21 | 9.8 Critical |
| Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro before 3.8 allows Command Injection (issue 1 of 4). The NDN-210 has a web administration panel which is made available over https. The logon method is basic authentication. There is a command injection issue that will result in unauthenticated remote code execution in the username and password fields of the logon prompt. The NDN-210 is part of Barco TransForm N solution and includes the patch from TransForm N version 3.8 onwards. | ||||
| CVE-2020-17485 | 1 Uffizio | 1 Gps Tracker | 2024-11-21 | 9.8 Critical |
| A Remote Code Execution vulnerability exist in Uffizio's GPS Tracker all versions. The web server can be compromised by uploading and executing a web/reverse shell. An attacker could then run commands, browse system files, and browse local resources | ||||
| CVE-2020-17456 | 1 Seowonintech | 10 Slc-130, Slc-130 Firmware, Slr-120d42g and 7 more | 2024-11-21 | 9.8 Critical |
| SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the ipAddr parameter to the system_log.cgi page. | ||||
| CVE-2020-17363 | 1 Usvn | 1 Usvn | 2024-11-21 | 9.9 Critical |
| USVN (aka User-friendly SVN) before 1.0.9 allows remote code execution via shell metacharacters in the number_start or number_end parameter to LastHundredRequest (aka lasthundredrequestAction) in the Timeline module. NOTE: this may overlap CVE-2020-25069. | ||||
| CVE-2020-17110 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2020-17109 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2020-17108 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2020-17107 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2020-17106 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2020-17105 | 1 Microsoft | 1 Av1 Video Extension | 2024-11-21 | 7.8 High |
| AV1 Video Extension Remote Code Execution Vulnerability | ||||