| Sentrifugo 3.2 |
RCE [Authenticated] (announcements) |
CVE-2020-26804 |
| Sentrifugo 3.2 |
RCE [Authenticated] (assets) |
CVE-2020-26803 |
| Sentrifugo 3.2 |
SQLi [employeeNumId] parameter |
CVE-2020-26805 |
| CMSUno 1.6.2 |
RCE [Authenticated] (password.php) |
CVE-2020-25557 |
| CMSUno 1.6.2 |
RCE [Authenticated] (config.php) |
CVE-2020-25538 |
| GOG Galaxy Desktop App |
Local Privilege Escalation |
CVE-2020-11827 |
| Virtualbox |
Local DOS Vulnerability |
CVE-2020-2909 |
| Memono |
Insecure Data Storage [IOS] |
CVE-2020-11826 |
| Rukovoditel |
SQL Injection reports_id (POST) |
CVE-2020-11816 |
| Rukovoditel |
SQL Injection filters[1][value] (POST) |
CVE-2020-11812 |
| Rukovoditel |
SQL Injection filters[0][value] (POST) |
CVE-2020-11812 |
| Rukovoditel2 |
SQL Injection [entities_id] |
CVE-2020-11820 |
| Rukovoditel |
CSRF Bypass -> Account Takeover |
CVE-2020-11818 |
| Rukovoditel - Maintenance Mode Configuration |
RCE |
CVE-2020-11817 |
| Qdpm - Web-Based Project Management Software |
RCE |
CVE-2020-11811 |
| Rukovoditel - Login Page Configuration |
RCE |
CVE-2020-11815 |
| NETIS DL4323 |
Clear Text Password |
CVE-2019-20074 |
| Dolibarr |
Theft of User Information |
CVE-2020-7994 |
| Dolibarr |
Theft of User Information |
CVE-2020-7995 |
| Dolibarr |
Theft of User Information |
CVE-2020-7996 |
| Dolibarr 12.0.3 |
ERP-CRM Remote Command Execution |
CVE-2020-35136 |
