| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Xiongmai Technology Co devices AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, and HI3518E_50H10L_S39 were all discovered to have port 9530 open which allows unauthenticated attackers to make arbitrary Telnet connections with the victim device. |
| Cross Site Scripting (XSS) vulnerability in phpList 3.5.3 via the login name field in Manage Administrators when adding a new admin. |
| Remote Code Execution vulnerability in phplist 3.5.1. The application does not check any file extensions stored in the plugin zip file, Uploading a malicious plugin which contains the php files with extensions like PHP,phtml,php7 will be copied to the plugins directory which would lead to the remote code execution |
| Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionSetAmount function. |
| Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoadForm function. |
| Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the pjActionPreview function. |
| Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoad function. |
| Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the pjActionLoadCss function. |
| Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder. |
| An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory. |
| Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c. |
| SQL Injection in 74cms 3.2.0 via the id parameter to wap/wap-company-show.php. |
| SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php. |
| SQL Injection in 74cms 3.2.0 via the x parameter to ajax_officebuilding.php. |
| SQL Injection in 74cms 3.2.0 via the query parameter to plus/ajax_common.php. |
| SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajax_street.php. |
| SQL Injection in ECShop 3.0 via the aid parameter to admin/affiliate_ck.php. |
| SQL Injection in ECShop 3.0 via the id parameter to admin/shophelp.php. |
| SQL Injection in ECShop 2.7.6 via the goods_number parameter to flow.php. . |
| SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php. |
