• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-94

CVE-2020-25538

February 26, 2023 by

An authenticated attacker can inject malicious code into “lang” parameter in /uno/central.php file in CMSuno 1.6.2 and run this PHP code in the web page. In this way, attacker can takeover the control of the server.

CVE-2020-25557

February 26, 2023 by

In CMSuno 1.6.2, an attacker can inject malicious PHP code as a “username” while changing his/her username & password. After that, when attacker logs in to the application, attacker’s code will be run. As a result of this vulnerability, authenticated user can run command on the server.

CVE-2020-25197

February 26, 2023 by

A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06 that could allow an authenticated remote attacker to execute arbitrary code on the system.

CVE-2020-24628

February 26, 2023 by

A remote code injection vulnerability was discovered in HPE KVM IP Console Switches version(s): G2 4x1Ex32 Prior to 2.8.3.

CVE-2020-23219

February 26, 2023 by

Monstra CMS 3.0.4 allows attackers to execute arbitrary code via a crafted payload entered into the “Snippet content” field under the “Edit Snippet” module.

CVE-2020-22937

February 26, 2023 by

A remote code execution (RCE) in e/install/index.php of EmpireCMS 7.5 allows attackers to execute arbitrary PHP code via writing malicious code to the install file.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 147
  • Go to page 148
  • Go to page 149
  • Go to page 150
  • Go to page 151
  • Interim pages omitted …
  • Go to page 225
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE