Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2021-12-09 CVE-2021-40281 SQL Injection vulnerability in Zzcms
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 in dl/dl_print.php when registering ordinary users.
network
low complexity
zzcms CWE-89
8.8
8.8
2021-12-09 CVE-2021-40282 SQL Injection vulnerability in Zzcms
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, abd 2021 in dl/dl_download.php.
network
low complexity
zzcms CWE-89
8.8
8.8
2021-12-09 CVE-2021-41265 Improper Authentication vulnerability in Dpgaspar Flask-Appbuilder
Flask-AppBuilder is a development framework built on top of Flask.
network
low complexity
dpgaspar CWE-287
8.8
8.8
2021-12-09 CVE-2021-20138 OS Command Injection vulnerability in Gryphonconnect Gryphon Tower Firmware
An unauthenticated command injection vulnerability exists in multiple parameters in the Gryphon Tower router’s web interface at /cgi-bin/luci/rc.
low complexity
gryphonconnect CWE-78
8.8
8.8
2021-12-09 CVE-2021-20139 OS Command Injection vulnerability in Gryphonconnect Gryphon Tower Firmware
An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the controller_server service on Gryphon Tower routers.
low complexity
gryphonconnect CWE-78
8.8
8.8
2021-12-09 CVE-2021-20140 OS Command Injection vulnerability in Gryphonconnect Gryphon Tower Firmware
An unauthenticated command injection vulnerability exists in the parameters of operation 10 in the controller_server service on Gryphon Tower routers.
low complexity
gryphonconnect CWE-78
8.8
8.8
2021-12-09 CVE-2021-20141 OS Command Injection vulnerability in Gryphonconnect Gryphon Tower Firmware
An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controller_server service on Gryphon Tower routers.
low complexity
gryphonconnect CWE-78
8.8
8.8
2021-12-09 CVE-2021-20142 OS Command Injection vulnerability in Gryphonconnect Gryphon Tower Firmware
An unauthenticated command injection vulnerability exists in the parameters of operation 41 in the controller_server service on Gryphon Tower routers.
low complexity
gryphonconnect CWE-78
8.8
8.8
2021-12-09 CVE-2021-20143 OS Command Injection vulnerability in Gryphonconnect Gryphon Tower Firmware
An unauthenticated command injection vulnerability exists in the parameters of operation 48 in the controller_server service on Gryphon Tower routers.
low complexity
gryphonconnect CWE-78
8.8
8.8
2021-12-09 CVE-2021-20144 OS Command Injection vulnerability in Gryphonconnect Gryphon Tower Firmware
An unauthenticated command injection vulnerability exists in the parameters of operation 49 in the controller_server service on Gryphon Tower routers.
low complexity
gryphonconnect CWE-78
8.8
8.8