Fatih's Blog

Rukovoditel | CSRF Bypass -> Account Takeover - CVE-2020-11818

Vendor: https://sourceforge.net/projects/rukovoditel/ Version: 2.5.2 Vulnerability: CSRF Bypass -> Account Takeover CVE: CVE-2020-11818 CVSS 3.x Base Score: 8.8 HIGH Rukovoditel is a free w...

Rukovoditel - Maintenance Mode Configuration | RCE - CVE-2020-11817

Vendor: https://sourceforge.net/projects/rukovoditel/ Version: 2.5.2 Vulnerability: File Upload CVE: CVE-2020-11817 CVSS 3.x Base Score: 9.8 CRITICAL Rukovoditel is a free web-based open-sourc...

Web-Based Project Management Software | RCE - CVE-2020-11811

Vendor: http://qdpm.net/ Version: 9.1 Vulnerability: File upload CVE: CVE-2020-11811 CVSS 3.x Base Score: 9.8 CRITICAL qdPM is a free web-based project management tool suitable for a small tea...

Rukovoditel - Login Page Configuration | RCE - CVE-2020-11815

Version: 2.5.2 Vulnerability: File Upload CVE: CVE-2020-11815 CVSS 3.x Base Score: 9.8 CRITICAL Rukovoditel is a free web-based open-source project management application. A far cry from tradit...

Clear Text Password - Netis DL4323 | CVE-2019-20074

Product: Netis DL4323 Modem CVE: CVE-2019-20074 CVSS 3.x Base Score: 8.8 HIGH Description: On Netis DL4323 devices, any user role can view sensitive information, such as a user password or the ...