Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3278PUBLISHED: 2021-01-26Local Service Search Engine Management System 1.0 has a vulnerability through authentication bypass using SQL injection . Using this vulnerability, an attacker can bypass the login page.
CVE-2021-3285PUBLISHED: 2021-01-26jxbrowser in TI Code Composer Studio IDE 8.x through 10.x before 10.1.1 does not verify X.509 certificates for HTTPS.
CVE-2021-3286PUBLISHED: 2021-01-26SQL injection exists in Spotweb 1.4.9 because the notAllowedCommands protection mechanism is inadequate, e.g., a variation of the payload may be used. NOTE: this issue exists because of an incomplete fix for CVE-2020-35545.
CVE-2021-3291PUBLISHED: 2021-01-26Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command.
CVE-2021-3297PUBLISHED: 2021-01-26On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator access.
User Rank: Apprentice
10/8/2013 | 12:54:40 PM