|
1651
|
7.5 |
HIGH
Network
|
-
|
-
|
Supsystic Digital Publications 1.6.9 contains a path traversal vulnerability in the Folder input field that allows attackers to access files outside the web root by injecting directory traversal sequ…
|
CWE-79
Cross-site Scripting
|
CVE-2020-37245
|
2026-05-19 02:32 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1652
|
6.2 |
MEDIUM
Local
|
-
|
-
|
Supsystic Backup 2.3.9 contains a local file inclusion vulnerability that allows unauthenticated attackers to read and delete arbitrary files by manipulating the download path parameter. Attackers ca…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2020-37246
|
2026-05-19 02:32 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1653
|
7.8 |
HIGH
Local
|
-
|
-
|
Kite 4.2.0.1 U1 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers …
|
CWE-428
Unquoted Search Path or Element
|
CVE-2020-37247
|
2026-05-19 02:32 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1654
|
5.3 |
MEDIUM
Network
|
-
|
-
|
MyBB Timeline Plugin 1.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through thread titles, post content, and user profile fields like Location and …
|
CWE-79
Cross-site Scripting
|
CVE-2021-47934
|
2026-05-19 02:32 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1655
|
8.2 |
HIGH
Network
|
-
|
-
|
LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the search_query parameter. Attackers can send…
|
CWE-89
SQL Injection
|
CVE-2021-47954
|
2026-05-19 02:32 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1656
|
7.5 |
HIGH
Network
|
-
|
-
|
Color Notes 1.4 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payl…
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2021-47969
|
2026-05-19 02:32 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1657
|
7.5 |
HIGH
Network
|
-
|
-
|
Macaron Notes 5.5 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can generate a payload…
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2021-47970
|
2026-05-19 02:32 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1658
|
7.5 |
HIGH
Network
|
-
|
-
|
My Notes Safe 5.3 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a pa…
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2021-47971
|
2026-05-19 02:32 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1659
|
7.5 |
HIGH
Network
|
-
|
-
|
Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can p…
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2021-47972
|
2026-05-19 02:32 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1660
|
7.5 |
HIGH
Network
|
-
|
-
|
Sticky Notes Widget 3.0.6 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can gener…
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2021-47973
|
2026-05-19 02:32 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
