Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2020-06-06
Low
Low
High
2020-06-05
Med.
Med.
Med.
Low
High
Low
High
Med.
High
Med.

The latest CVEs

2020-06-07
CVE-2020-13897
HESK before 3.1.10 allows reflected XSS.
CVE-2020-13895
Crypt::Perl::ECDSA in the Crypt::Perl (aka p5-Crypt-Perl) module before 0.32 for Perl fails to verify correct ECDSA signatures when r and s are small and when s = 1. This happens when using the curve secp256r1 (prime256v1). This could conceivably have a security-relevant impact if an attacker wishes to use public r and s values when guessing whethe...
CVE-2020-13894
handler/upload_handler.jsp in DEXT5 Editor through 3.5.1402961 allows an attacker to download arbitrary files via the savefilepath field.
2020-06-06
CVE-2020-13890
The Neon theme 2.0 before 2020-06-03 for Bootstrap allows XSS via an Add Task Input operation in a dashboard.
CVE-2020-13889
showAlert() in the administration panel in Bludit 3.12.0 allows XSS.
CVE-2020-13883
In WSO2 API Manager 3.0.0 and earlier, WSO2 API Microgateway 2.2.0, and WSO2 IS as Key Manager 5.9.0 and earlier, Management Console allows XXE during addition or update of a Lifecycle.
CVE-2020-13881
In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.
CVE-2020-13871
SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.
2020-06-05
CVE-2020-13865
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes.
CVE-2020-13864
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. An author user can create posts that result in a stored XSS by using a crafted payload in custom links.

Dorks

2020-06-05
Med.
News website CMS SQL injection & Bypass Admin Panel & XSS Vulnerability & Remote code Execution By Aryan Chehreghani( CVE-2019-13409 )
inurl:php?id= intext:Design By Dassinfotech.com
Aryan Chehreghani
High
MiniShare 1.4.1 - 'PUT' Remote Buffer Overflow, allows remote attackers to execute arbitrary code via a long HTTP PUT request.( CVE-2020-13768 )
https://github.com/sartlabs/OSCE-Prep/blob/9a9d2471a9de09457f970be4ea1b57a74d26705a/My%20CVEs/Minishare_BOF_PUT.py
Sarang Tumne
2020-06-03
Low
Dtell Cross Site Scripting
intext:"Designed by Dtell"
Xmall75
2020-06-02
Low
Infomedia Web Solutions Cross Site Scripting
intext:"Developed by: Infomedia Web Solutions"
Xmall75
2020-06-01
Low
Advertroindia Cross Site Scripting
intext:Copyrights Advertroindia
Xmall75

Copyright 2020, cxsecurity.com

 

Back to Top