CVE-2020-18654
Cross Site Scripting (XSS) in Wuzhi CMS v4.1.0 allows remote attackers to execute arbitrary code via the "Title" parameter in the component "/coreframe/app/guestbook/myissue.php".
Source: CVE-2020-18654
[월:] 2021년 06월
CVE-2020-22169
CVE-2020-22169
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in hmsappointment-history.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
Source: CVE-2020-22169
CVE-2020-22172
CVE-2020-22172
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in hmsget_doctor.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
Source: CVE-2020-22172
CVE-2020-22173
CVE-2020-22173
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in hmsedit-profile.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
Source: CVE-2020-22173
CVE-2020-22174
CVE-2020-22174
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in hmsbook-appointment.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
Source: CVE-2020-22174
CVE-2020-22175
CVE-2020-22175
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in hmsadminbetweendates-detailsreports.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
Source: CVE-2020-22175
CVE-2021-34428
CVE-2021-34428
For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in.
Source: CVE-2021-34428
CVE-2020-22176
CVE-2020-22176
PHPGurukul Hospital Management System in PHP v4.0 has a sensitive information disclosure vulnerability in multiple areas. Remote unauthenticated users can exploit the vulnerability to obtain user sensitive information.
Source: CVE-2020-22176
CVE-2020-22170
CVE-2020-22170
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in hmsget_doctor.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
Source: CVE-2020-22170
CVE-2020-22168
CVE-2020-22168
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in hmschange-emaild.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
Source: CVE-2020-22168