Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2020-02-22
Low
Med.
Med.
Med.
Med.
Med.
2020-02-21
Low
Low
High
Med.
Med.
2020-02-20
High
Med.

The latest CVEs

2020-02-22
CVE-2020-9341
CandidATS 2.1.0 is vulnerable to CSRF that allows for an administrator account to be added via the index.php?m=settings&a=addUser URI.
CVE-2020-9340
fauzantrif eLection 2.0 has SQL Injection via the admin/ajax/op_kandidat.php id parameter.
CVE-2020-9339
SOPlanning 1.45 allows XSS via the Name or Comment to status.php.
CVE-2020-9338
SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field.
CVE-2020-9336
fauzantrif eLection 2.0 has XSS via the Admin Dashboard -> Settings -> Election -> "message if election is closed" field.
CVE-2020-9039
Couchbase Server 4.x and 5.x before 6.0.0 has Insecure Permissions for the projector and indexer REST endpoints (they allow unauthenticated access).
CVE-2020-8813
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.
2020-02-21
CVE-2020-9330
Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. A malicious actor who gains access to affected devices (e.g., by using default credentials) can change the LDAP connection IP address to a system owned by the actor without know...
CVE-2020-8862
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2610 Firmware v2.01RC067 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of passwords. The issue results from the lack of proper password checking. An attacker can...
CVE-2020-8861
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1330 1.10B01 BETA Wi-Fi range extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from the lack of proper handling of cooki...

Dorks

2020-02-22
Med.
Powered by COCSSYS Infotech - Bypass Admin
intext:All rights reserved | Powered by COCSSYS Infotech Pvt. Ltd.
Light Cyber Indonesia
Med.
Indonesian School - SQL Lokomedia Vulnerability
inurl:/hal-visi-misi.html site:.sch.id
Light Cyber Indonesia
Med.
Element Ajans Scripts Local File Inclusion Vulnerability
intext:Copyrigt © 2019 Element Ajans ®
Gaddar
Med.
colorcode - Bypass admin
"Designed & Developed By colorcode"
Xplo5ionS
Med.
Tom Cowan - Bypass admin with Noredirect
"Website by Tom Cowan"
Xplo5ionS

Copyright 2020, cxsecurity.com

 

Back to Top