Skip to main content
CVE-2020-10220 CRITICAL POC THREAT Emergency

An issue was discovered in rConfig through 3.9.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Rconfig
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
99.7%
CVE-2020-10212 CRITICAL POC Act Now

upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF PHP Responsive Filemanager
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2020-10216 HIGH POC This Week

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link Dir 825 Firmware Tew 632Brp Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
5.0%
CVE-2020-10215 HIGH POC This Week

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link Dir 825 Firmware Tew 632Brp Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
5.3%
CVE-2020-10214 HIGH POC THREAT This Week

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption D-Link Dir 825 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
18.3%
CVE-2020-10213 HIGH POC This Week

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link Dir 825 Firmware Tew 632Brp Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
5.0%
CVE-2020-9470 HIGH POC This Week

An issue was discovered in Wing FTP Server 6.2.5 before February 2020. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Wing Ftp Server
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2020-8635 HIGH POC This Week

Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on installation directories and configuration files. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Apple Wing Ftp Server
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-8634 HIGH POC This Week

Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on files modified within the HTTP file management interface, resulting in files being saved with world-readable and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Apple Wing Ftp Server
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-8439 MEDIUM POC This Month

Monstra CMS through 3.0.4 allows remote authenticated users to take over arbitrary user accounts via a modified login parameter to an edit URI, as demonstrated by login=victim to the users/21/edit. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Monstra
NVD
CVSS 3.1
6.5
EPSS
1.6%
CVE-2020-9281 MEDIUM PATCH This Month

A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment (with. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Ckeditor Fedora Drupal Agile Plm +7
NVD GitHub
CVSS 3.1
6.1
EPSS
4.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy