CVE-2014-4984
D�j� Vu Crescendo Sales CRM has remote SQL Injection
Source: CVE-2014-4984
[월:] 2020년 01월
CVE-2014-5012
CVE-2014-5013
CVE-2014-5013
DOMPDF before 0.6.2 allows remote code execution, a related issue to CVE-2014-2383.
Source: CVE-2014-5013
CVE-2014-5011
CVE-2019-20375
CVE-2019-20375
A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4 allows remote attackers to inject arbitrary web script or HTML via the value parameter in a localization (loc) command to elogd.c.
Source: CVE-2019-20375
CVE-2019-20376
CVE-2019-20376
A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG document to elogd.c.
Source: CVE-2019-20376
CVE-2020-6758
CVE-2020-6758
A cross-site scripting (XSS) vulnerability in Option/optionsAll.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (KDI Version) allows remote attackers to inject arbitrary web script or HTML via the ContentFrame parameter.
Source: CVE-2020-6758
CVE-2020-6757
CVE-2020-6757
contentHostProperties.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (KDI Version) allows authenticated attackers to remotely execute code via the name parameter.
Source: CVE-2020-6757
CVE-2019-20373
CVE-2019-20373
LTSP LDM through 2.18.06 allows fat-client root access because the LDM_USERNAME variable may have an empty value if the user’s shell lacks support for Bourne shell syntax. This is related to a run-x-session script.
Source: CVE-2019-20373
CVE-2020-6756
CVE-2020-6756
languageOptions.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (KDI Version) allows unauthenticated attackers to remotely execute code via the lang parameter.
Source: CVE-2020-6756