CVE-2021-25206
Arbitrary file upload vulnerability in SourceCodester Responsive Ordering System v 1.0 allows attackers to execute arbitrary code via the file upload to Product_model.php.
Source: CVE-2021-25206
[월:] 2021년 07월
CVE-2021-25208
CVE-2021-25208
Arbitrary file upload vulnerability in SourceCodester Travel Management System v 1.0 allows attackers to execute arbitrary code via the file upload to updatepackage.php.
Source: CVE-2021-25208
CVE-2021-25204
CVE-2021-25204
Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote attackers to inject arbitrary web script or HTM via the subject field to feedback_process.php.
Source: CVE-2021-25204
CVE-2021-25203
CVE-2021-25203
Arbitrary file upload vulnerability in Victor CMS v 1.0 allows attackers to execute arbitrary code via the file upload to CMSsite-masteradminincludesadmin_add_post.php.
Source: CVE-2021-25203
CVE-2021-25201
CVE-2021-25201
SQL injection vulnerability in Learning Management System v 1.0 allows remote attackers to execute arbitrary SQL statements through the id parameter to obtain sensitive database information.
Source: CVE-2021-25201
CVE-2019-9983
CVE-2019-9983
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
Source: CVE-2019-9983
CVE-2021-25207
CVE-2021-25207
Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v 1.0 allows attackers to execute arbitrary code via the file upload to prodViewUpdate.php.
Source: CVE-2021-25207
CVE-2021-20333
CVE-2021-20333
Sending specially crafted commands to a MongoDB Server may result in artificial log entries being generated or for log entries to be split. This issue affects MongoDB Server v3.6 versions prior to 3.6.20; MongoDB Server v4.0 versions prior to 4.0.21; MongoDB Server v4.2 versions prior to 4.2.10;
Source: CVE-2021-20333
CVE-2020-14032
CVE-2020-14032
ASRock 4×4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM.
Source: CVE-2020-14032
CVE-2021-26799
CVE-2021-26799
Cross Site Scripting (XSS) vulnerability in admin/files/edit in Omeka Classic <=2.7 allows remote attackers to inject arbitrary web script or HTML.
Source: CVE-2021-26799