Sentrifugo 3.2 |
RCE [Authenticated] (announcements) |
CVE-2020-26804 |
Sentrifugo 3.2 |
RCE [Authenticated] (assets) |
CVE-2020-26803 |
Sentrifugo 3.2 |
SQLi [employeeNumId] parameter |
CVE-2020-26805 |
CMSUno 1.6.2 |
RCE [Authenticated] (password.php) |
CVE-2020-25557 |
CMSUno 1.6.2 |
RCE [Authenticated] (config.php) |
CVE-2020-25538 |
GOG Galaxy Desktop App |
Local Privilege Escalation |
CVE-2020-11827 |
Virtualbox |
Local DOS Vulnerability |
CVE-2020-2909 |
Memono |
Insecure Data Storage [IOS] |
CVE-2020-11826 |
Rukovoditel |
SQL Injection reports_id (POST) |
CVE-2020-11816 |
Rukovoditel |
SQL Injection filters[1][value] (POST) |
CVE-2020-11812 |
Rukovoditel |
SQL Injection filters[0][value] (POST) |
CVE-2020-11812 |
Rukovoditel2 |
SQL Injection [entities_id] |
CVE-2020-11820 |
Rukovoditel |
CSRF Bypass -> Account Takeover |
CVE-2020-11818 |
Rukovoditel - Maintenance Mode Configuration |
RCE |
CVE-2020-11817 |
Qdpm - Web-Based Project Management Software |
RCE |
CVE-2020-11811 |
Rukovoditel - Login Page Configuration |
RCE |
CVE-2020-11815 |
NETIS DL4323 |
Clear Text Password |
CVE-2019-20074 |
Dolibarr |
Theft of User Information |
CVE-2020-7994 |
Dolibarr |
Theft of User Information |
CVE-2020-7995 |
Dolibarr |
Theft of User Information |
CVE-2020-7996 |
Dolibarr 12.0.3 |
ERP-CRM Remote Command Execution |
CVE-2020-35136 |