Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-19 | CVE-2021-28126 | Cross-site Scripting vulnerability in Compassplus Tranzware E-Commerce Payment Gateway index.jsp in TranzWare e-Commerce Payment Gateway (TWEC PG) before 3.1.27.5 had a Stored cross-site scripting (XSS) vulnerability | 4.3 |
| 2021-03-19 | CVE-2021-28110 | XXE vulnerability in Compassplus Tranzware E-Commerce Payment Gateway /exec in TranzWare e-Commerce Payment Gateway (TWEC PG) before 3.1.27.5 had a vulnerability in its XML parser. | 5.0 |
| 2021-03-19 | CVE-2021-25293 | Out-of-bounds Read vulnerability in Python Pillow An issue was discovered in Pillow before 8.1.1. | 5.0 |
| 2021-03-19 | CVE-2021-25292 | Unspecified vulnerability in Python Pillow An issue was discovered in Pillow before 8.1.1. | 6.5 |
| 2021-03-19 | CVE-2021-25291 | Out-of-bounds Read vulnerability in Python Pillow An issue was discovered in Pillow before 8.1.1. | 5.0 |
| 2021-03-19 | CVE-2021-25290 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Pillow before 8.1.1. | 5.0 |
| 2021-03-19 | CVE-2021-25289 | Out-of-bounds Write vulnerability in Python Pillow An issue was discovered in Pillow before 8.1.1. | 7.5 |
| 2021-03-19 | CVE-2020-6578 | Cross-site Scripting vulnerability in Zen-Cart ZEN Cart 1.5.6D Zen Cart 1.5.6d allows reflected XSS via the main_page parameter to includes/templates/template_default/common/tpl_main_page.php or includes/templates/responsive_classic/common/tpl_main_page.php. | 4.3 |
| 2021-03-19 | CVE-2020-6577 | SQL Injection vulnerability in It-Recht-Kanzlei 1.5.6C The IT-Recht Kanzlei plugin in Zen Cart 1.5.6c (German edition) allows itrk-api.php rechtstext_language SQL Injection. | 7.5 |
| 2021-03-19 | CVE-2021-3327 | Cross-site Scripting vulnerability in Ovation Dynamic Content 1.10.1 Ovation Dynamic Content 1.10.1 for Elementor allows XSS via the post_title parameter. | 3.5 |