Search
Search Results (45668 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-15400 | 1 Cakefoundation | 1 Cakephp | 2024-11-21 | 4.3 Medium |
| CakePHP before 4.0.6 mishandles CSRF token generation. This might be remotely exploitable in conjunction with XSS. | ||||
| CVE-2020-15382 | 1 Broadcom | 1 Brocade Sannav | 2024-11-21 | 7.2 High |
| Brocade SANnav before version 2.1.1 uses a hard-coded administrator account with the weak password ‘passw0rd’ if a password is not provided for PostgreSQL at install-time. | ||||
| CVE-2020-15364 | 1 Nexos Project | 1 Nexos | 2024-11-21 | 6.1 Medium |
| The Nexos theme through 1.7 for WordPress allows top-map/?search_location= reflected XSS. | ||||
| CVE-2020-15339 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 6.1 Medium |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows live/CPEManager/AXCampaignManager/handle_campaign_script_link?script_name= XSS. | ||||
| CVE-2020-15327 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 7.5 High |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication. | ||||
| CVE-2020-15326 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 5.3 Medium |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem. | ||||
| CVE-2020-15324 | 1 Zyxel | 1 Cloud Cnm Secumanager | 2024-11-21 | 9.8 Critical |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/opt/axXMPPHandler/config/xmpp_config.py file that stores hardcoded credentials. | ||||
| CVE-2020-15323 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 9.8 Critical |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the cloud1234 password for the a1@chopin account default credentials. | ||||
| CVE-2020-15322 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 9.8 Critical |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the wbboEZ4BN3ssxAfM hardcoded password for the debian-sys-maint account. | ||||
| CVE-2020-15321 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 9.8 Critical |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axzyxel password for the livedbuser account. | ||||
| CVE-2020-15320 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 9.8 Critical |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axiros password for the root account. | ||||
| CVE-2020-15319 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 5.9 Medium |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/mysql chroot directory tree. | ||||
| CVE-2020-15318 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 5.9 Medium |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/mysql chroot directory tree. | ||||
| CVE-2020-15317 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 5.9 Medium |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/axess chroot directory tree. | ||||
| CVE-2020-15316 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 5.9 Medium |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account within the /opt/axess chroot directory tree. | ||||
| CVE-2020-15315 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 5.9 Medium |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/axess chroot directory tree. | ||||
| CVE-2020-15314 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 5.9 Medium |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account. | ||||
| CVE-2020-15313 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 5.9 Medium |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account. | ||||
| CVE-2020-15312 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 5.9 Medium |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account. | ||||
| CVE-2020-15307 | 1 Nozominetworks | 1 Guardian | 2024-11-21 | 6.1 Medium |
| Nozomi Guardian before 19.0.4 allows attackers to achieve stored XSS (in the web front end) by leveraging the ability to create a custom field with a crafted field name. | ||||