CVE-2020-21786

In IBOS 4.5.4 Open, Arbitrary File Inclusion causes getshell via /system/modules/dashboard/controllers/CronController.php. (CVSS:7.5) (Final Update:2021-07-01)

2021-06-23T20:00:00-04:00June 23rd, 2021|File Inclusion|

CVE-2020-25414

A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code. (CVSS:7.5) (Terminal Update:2021-06-21)

2021-06-16T20:00:00-04:00June 16th, 2021|File Inclusion|

CVE-2021-28979

SafeNet KeySecure Management Console 8.12.0 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. (CVSS:4.3) (Final Update:2021-07-15)

2021-06-15T20:00:00-04:00June 15th, 2021|HTTP Response Splitting|
Go to Top