Skip to main content
CVE-2020-26212 MEDIUM POC PATCH This Month

GLPI stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Mozilla Authentication Bypass PHP Glpi
NVD GitHub
CVSS 3.1
6.5
EPSS
1.2%
CVE-2020-29072 MEDIUM POC This Month

A Cross-Site Script Inclusion vulnerability was found on LiquidFiles before 3.3.19. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Liquidfiles
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-25650 MEDIUM POC PATCH This Month

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Spice Vdagent Debian Linux Fedora
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2020-29069 MEDIUM POC This Month

_get_flag_ip_localdb in server/mhn/ui/utils.py in Modern Honey Network (MHN) through 2020-11-23 allows attackers to cause a denial-of-service via an IP address that is absent from a local geolocation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Modern Honey Network
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-29070 MEDIUM POC PATCH This Month

osCommerce 2.3.4.1 has XSS vulnerability via the authenticated user entering the XSS payload into the title section of newsletters. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Oscommerce
NVD GitHub
CVSS 3.1
4.8
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy