Skip to main content
CVE-2020-9380 CRITICAL POC Act Now

IPTV Smarters WEB TV PLAYER through 2020-02-22 allows attackers to execute OS commands by uploading a script. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Web Tv Player
NVD GitHub
CVSS 3.1
9.8
EPSS
4.0%
CVE-2020-10106 CRITICAL POC Act Now

PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to SQL injection, as demonstrated by the email parameter in index.php or register.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Daily Expense Tracker System
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2020-10180 CRITICAL Act Now

The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Eset Authentication Bypass Apple Cyber Security +4
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2020-9370 CRITICAL Act Now

HUMAX HGA12R-02 BRGCAA 1.1.53 devices allow Session Hijacking. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Session Fixation Information Disclosure Hga12R 02 Firmware
NVD
CVSS 3.1
9.1
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy