Latest CVE Feed

6.1 MEDIUM CVE-2021-30109
Froala Editor 3.2.6 is affected by Cross Site Scripting (XSS). Under certain conditions, a base64 crafted string leads to persistent Cross-site scripting (XSS) vulnerability within the hyperlink creation module.
- Affected Products: froala_editor
- EPSS Score: 0.21%
- Published: Apr. 05, 2021
- Modified: Nov. 21, 2024

9.1 CRITICAL CVE-2021-30108
Feehi CMS 2.1.1 is affected by a Server-side request forgery (SSRF) vulnerability. When the user modifies the HTTP Referer header to any url, the server can make a request to it.
- Affected Products: feehi_cms
- EPSS Score: 0.22%
- Published: May. 24, 2021
- Modified: Nov. 21, 2024

6.1 MEDIUM CVE-2021-30086
Cross Site Scripting (XSS) vulnerability exists in KindEditor (Chinese versions) 4.1.12, which can be exploited by an attacker to obtain user cookie information.
- Affected Products: kindeditor
- EPSS Score: 0.24%
- Published: Sep. 28, 2021
- Modified: Nov. 21, 2024

6.1 MEDIUM CVE-2021-30083
An issue was discovered in Mediat 1.4.1. There is a Reflected XSS vulnerability which allows remote attackers to inject arbitrary web script or HTML without authentication via the 'return' parameter in login.php.
- Affected Products: mediat
- EPSS Score: 0.16%
- Published: May. 24, 2021
- Modified: Nov. 21, 2024

6.1 MEDIUM CVE-2021-30082
An issue was discovered in Gris CMS v0.1. There is a Persistent XSS vulnerability which allows remote attackers to inject arbitrary web script or HTML via admin/dashboard.
- Affected Products: gris_cms
- EPSS Score: 0.18%
- Published: May. 24, 2021
- Modified: Nov. 21, 2024

8.8 HIGH CVE-2021-30081
An issue was discovered in emlog 6.0.0stable. There is a SQL Injection vulnerability that can execute any SQL statement and query server sensitive data via admin/navbar.php?action=add_page.
- Affected Products: emlog
- EPSS Score: 0.24%
- Published: May. 24, 2021
- Modified: Nov. 21, 2024

9.8 CRITICAL CVE-2021-30080
An issue was discovered in the route lookup process in beego before 1.12.11 that allows attackers to bypass access control.
- Affected Products: beego
- EPSS Score: 0.41%
- Published: Apr. 05, 2022
- Modified: Nov. 21, 2024

6.1 MEDIUM CVE-2021-30074
docsify 4.12.1 is affected by Cross Site Scripting (XSS) because the search component does not appropriately encode Code Blocks and mishandles the " character.
- Affected Products: docsify
- EPSS Score: 0.24%
- Published: Apr. 02, 2021
- Modified: Nov. 21, 2024

9.8 CRITICAL CVE-2021-30072
An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. Because strcat is misused, there is a stack-based buffer overflow that does not require authentication.
- EPSS Score: 0.55%
- Published: Apr. 02, 2021
- Modified: Nov. 21, 2024

6.1 MEDIUM CVE-2021-30071
A cross-site scripting (XSS) vulnerability in /admin/list_key.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
- Affected Products: control_panel
- EPSS Score: 0.31%
- Published: Aug. 18, 2022
- Modified: Nov. 21, 2024

7.5 HIGH CVE-2021-30070
An issue was discovered in HestiaCP before v1.3.5. Attackers are able to arbitrarily install packages due to values taken from the pgk [] parameter in the update request being transmitted to the operating system's package manager.
- Affected Products: hestiacp
- EPSS Score: 0.23%
- Published: Aug. 18, 2022
- Modified: Nov. 21, 2024

7.2 HIGH CVE-2021-30066
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an arbitrary firmware image can be loaded because firmware signature verification (for a USB stick) can be bypassed...
- Affected Products: tofino_xenon_security_appliance_firmware tofino_argon_fa-tsa-220-tx\/mm_firmware tofino_argon_fa-tsa-220-tx\/tx_firmware tofino_argon_fa-tsa-220-mm\/tx_firmware tofino_argon_fa-tsa-220-mm\/mm_firmware tofino_argon_fa-tsa-100-tx\/tx_firmware eagle_20_tofino_943_987-505-mm\/mm_firmware eagle_20_tofino_943_987-504-mm\/tx_firmware eagle_20_tofino_943_987-502_-tx\/mm_firmware eagle_20_tofino_943_987-501-tx\/tx_firmware +16 more products
- EPSS Score: 0.00%
- Published: Apr. 03, 2022
- Modified: Nov. 21, 2024

7.5 HIGH CVE-2021-30065
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, crafted ModBus packets can bypass the ModBus enforcer. NOTE: this issue exists because of an incomplete fix of CVE-...
- Affected Products: tofino_xenon_security_appliance_firmware tofino_argon_fa-tsa-220-tx\/mm_firmware tofino_argon_fa-tsa-220-tx\/tx_firmware tofino_argon_fa-tsa-220-mm\/tx_firmware tofino_argon_fa-tsa-220-mm\/mm_firmware tofino_argon_fa-tsa-100-tx\/tx_firmware eagle_20_tofino_943_987-505-mm\/mm_firmware eagle_20_tofino_943_987-504-mm\/tx_firmware eagle_20_tofino_943_987-502_-tx\/mm_firmware eagle_20_tofino_943_987-501-tx\/tx_firmware +16 more products
- EPSS Score: 0.03%
- Published: Apr. 03, 2022
- Modified: Nov. 21, 2024

9.8 CRITICAL CVE-2021-30064
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an SSH login can succeed with hardcoded default credentials (if the device is in the uncommissioned state).
- Affected Products: tofino_xenon_security_appliance_firmware tofino_argon_fa-tsa-220-tx\/mm_firmware tofino_argon_fa-tsa-220-tx\/tx_firmware tofino_argon_fa-tsa-220-mm\/tx_firmware tofino_argon_fa-tsa-220-mm\/mm_firmware tofino_argon_fa-tsa-100-tx\/tx_firmware eagle_20_tofino_943_987-505-mm\/mm_firmware eagle_20_tofino_943_987-504-mm\/tx_firmware eagle_20_tofino_943_987-502_-tx\/mm_firmware eagle_20_tofino_943_987-501-tx\/tx_firmware +16 more products
- EPSS Score: 0.06%
- Published: Apr. 03, 2022
- Modified: Nov. 21, 2024

7.5 HIGH CVE-2021-30063
On Schneider Electric ConneXium Tofino OPCLSM TCSEFM0000 before 03.23 and Belden Tofino Xenon Security Appliance, crafted OPC packets can cause an OPC enforcer denial of service.
- Affected Products: tofino_xenon_security_appliance_firmware tofino_argon_fa-tsa-220-tx\/mm_firmware tofino_argon_fa-tsa-220-tx\/tx_firmware tofino_argon_fa-tsa-220-mm\/tx_firmware tofino_argon_fa-tsa-220-mm\/mm_firmware tofino_argon_fa-tsa-100-tx\/tx_firmware eagle_20_tofino_943_987-505-mm\/mm_firmware eagle_20_tofino_943_987-504-mm\/tx_firmware eagle_20_tofino_943_987-502_-tx\/mm_firmware eagle_20_tofino_943_987-501-tx\/tx_firmware +12 more products
- EPSS Score: 0.07%
- Published: Apr. 03, 2022
- Modified: Nov. 21, 2024

7.5 HIGH CVE-2021-30062
On Schneider Electric ConneXium Tofino OPCLSM TCSEFM0000 before 03.23 and Belden Tofino Xenon Security Appliance, crafted OPC packets can bypass the OPC enforcer.
- Affected Products: tofino_xenon_security_appliance_firmware tofino_argon_fa-tsa-220-tx\/mm_firmware tofino_argon_fa-tsa-220-tx\/tx_firmware tofino_argon_fa-tsa-220-mm\/tx_firmware tofino_argon_fa-tsa-220-mm\/mm_firmware tofino_argon_fa-tsa-100-tx\/tx_firmware eagle_20_tofino_943_987-505-mm\/mm_firmware eagle_20_tofino_943_987-504-mm\/tx_firmware eagle_20_tofino_943_987-502_-tx\/mm_firmware eagle_20_tofino_943_987-501-tx\/tx_firmware +12 more products
- EPSS Score: 0.04%
- Published: Apr. 03, 2022
- Modified: Nov. 21, 2024

7.2 HIGH CVE-2021-30061
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, physically proximate attackers can execute code via a crafted file on a USB stick.
- Affected Products: tofino_xenon_security_appliance_firmware tofino_argon_fa-tsa-220-tx\/mm_firmware tofino_argon_fa-tsa-220-tx\/tx_firmware tofino_argon_fa-tsa-220-mm\/tx_firmware tofino_argon_fa-tsa-220-mm\/mm_firmware tofino_argon_fa-tsa-100-tx\/tx_firmware eagle_20_tofino_943_987-505-mm\/mm_firmware eagle_20_tofino_943_987-504-mm\/tx_firmware eagle_20_tofino_943_987-502_-tx\/mm_firmware eagle_20_tofino_943_987-501-tx\/tx_firmware +16 more products
- EPSS Score: 0.01%
- Published: Apr. 03, 2022
- Modified: Nov. 21, 2024

6.1 MEDIUM CVE-2021-30058
Knowage Suite before 7.4 is vulnerable to cross-site scripting (XSS). An attacker can inject arbitrary external script in '/knowagecockpitengine/api/1.0/pages/execute' via the 'SBI_HOST' parameter.
- Affected Products: knowage
- EPSS Score: 0.29%
- Published: Apr. 05, 2021
- Modified: Nov. 21, 2024

4.8 MEDIUM CVE-2021-30057
A stored HTML injection vulnerability exists in Knowage Suite version 7.1. An attacker can inject arbitrary HTML in "/restful-services/2.0/analyticalDrivers" via the 'LABEL' and 'NAME' parameters.
- Affected Products: knowage
- EPSS Score: 0.32%
- Published: Apr. 05, 2021
- Modified: Nov. 21, 2024

5.4 MEDIUM CVE-2021-30056
Knowage Suite before 7.4 is vulnerable to reflected cross-site scripting (XSS). An attacker can inject arbitrary web script in /restful-services/publish via the 'EXEC_FROM' parameter that can lead to data leakage.
- Affected Products: knowage
- EPSS Score: 0.21%
- Published: Apr. 05, 2021
- Modified: Nov. 21, 2024