0
CVE-2020-37015 - Ruijie Networks Switch eWeb S29_RGOS 11.4 - Directory Traversal
Ruijie Networks Switch eWeb S29_RGOS 11.4 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by manipulating file path parameters. Attackers can exploit the /download.do endpoint with '../' sequences to retrieve system configurβ¦
0
CVE-2020-37013 - Audio Playback Recorder 3.2.2 - Local Buffer Overflow (SEH)
Audio Playback Recorder 3.2.2 contains a local buffer overflow vulnerability in the eject and registration parameters that allows attackers to execute arbitrary code. Attackers can craft malicious payloads and overwrite Structured Exception Handler (SEH) to execute shellcode when pasting specially β¦
9.3
CVE-2020-37012 - Tea LaTex 1.0 - Remote Code Execution
Tea LaTex 1.0 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary shell commands through the /api.php endpoint. Attackers can craft a malicious LaTeX payload with shell commands that are executed when processed by the application's tex2png API aβ¦
0
CVE-2020-37011 - Gnome Fonts Viewer 3.34.0 Heap Corruption
Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file. Attackers can generate a specially crafted TTF file with an oversized pattern to cause an infinite malloc() loop and potentially crash thβ¦
0
CVE-2020-37010 - BearShare Lite 5.2.5 - 'Advanced Search'Buffer Overflow in (PoC)
BearShare Lite 5.2.5 contains a buffer overflow vulnerability in the Advanced Search keywords input that allows attackers to execute arbitrary code. Attackers can craft a specially designed payload to overwrite the EIP register and execute shellcode by pasting malicious content into the search keywβ¦
8.7
CVE-2020-37009 - MedDream PACS Server 6.8.3.751 - Remote Code Execution
MedDream PACS Server 6.8.3.751 contains an authenticated remote code execution vulnerability that allows authorized users to upload malicious PHP files. Attackers can exploit the uploadImage.php endpoint by authenticating and uploading a PHP shell to execute arbitrary system commands with elevated β¦
0
CVE-2020-37008 - EasyPMS 1.0.0 - Authentication Bypass
EasyPMS 1.0.0 contains an authentication bypass vulnerability that allows unprivileged users to manipulate SQL queries in JSON requests to access admin user information. Attackers can exploit weak input validation by injecting single quotes in ID parameters and modify admin user passwords without pβ¦
5.1
CVE-2020-37007 - Liman 0.7 - Cross-Site Request Forgery (Change Password)
Liman 0.7 contains a cross-site request forgery vulnerability that allows attackers to manipulate user account settings without proper request validation. Attackers can craft malicious HTML forms to change user passwords or modify account information by tricking logged-in users into submitting unauβ¦
0
CVE-2020-37006 - berliCRM 1.0.24 - 'src_record' SQL Injection
berliCRM 1.0.24 contains a SQL injection vulnerability in the 'src_record' parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through a crafted POST request to the index.php endpoint to potentially extract or modify database information.
7.1
CVE-2020-37005 - TimeClock Software 1.01 Authenticated Time-Based SQL Injection
TimeClock Software 1.01 contains an authenticated time-based SQL injection vulnerability that allows attackers to enumerate valid usernames by manipulating the 'notes' parameter. Attackers can inject conditional time delays in the add_entry.php endpoint to determine user existence by measuring respβ¦