CVE-2021-37400
An attacker may obtain the user credentials from the communication between the PLC and the software. As a result, the PLC user program may be uploaded, altered, and/or downloaded.
Source: CVE-2021-37400
[월:] 2021년 12월
CVE-2021-45425
CVE-2021-45425
Reflected Cross Site Scripting (XSS) in SAFARI Montage versions 8.3 and 8.5 allows remote attackers to execute JavaScript codes.
Source: CVE-2021-45425
CVE-2019-20082
CVE-2019-20082
ASUS RT-N53 3.0.0.4.376.3754 devices have a buffer overflow via a long lan_dns1_x or lan_dns2_x parameter to Advanced_LAN_Content.asp.
Source: CVE-2019-20082
CVE-2018-17875
CVE-2018-17875
A remote code execution issue in the ping command on Poly Trio 8800 5.7.1.4145 devices allows remote authenticated users to execute commands via unspecified vectors.
Source: CVE-2018-17875
CVE-2021-40579
CVE-2021-40579
https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 is affected by: Incorrect Access Control. The impact is: gain privileges (remote).
Source: CVE-2021-40579
CVE-2021-35032
CVE-2021-35032
A vulnerability in the ‘libsal.so’ of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitrary OS commands via a crafted function call.
Source: CVE-2021-35032
CVE-2021-35031
CVE-2021-35031
A vulnerability in the TFTP client of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated LAN user to execute arbitrary OS commands.
Source: CVE-2021-35031
CVE-2021-4179
CVE-2021-4179
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
Source: CVE-2021-4179
CVE-2021-4177
CVE-2021-4177
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information
Source: CVE-2021-4177
CVE-2021-20873
CVE-2021-20873
Yappli is an application development platform which provides the function to access a requested URL using Custom URL Scheme. When Android apps are developed with Yappli versions since v7.3.6 and prior to v9.30.0, they are vulnerable to improper authorization in Custom URL Scheme handler, and may be directed to unintended sites via a specially crafted URL.
Source: CVE-2021-20873