Total
37074 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-25124 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
The Admin CP in vBulletin 5.6.3 allows XSS via an admincp/attachment.php&do=rebuild&type= URI. | |||||
CVE-2020-25123 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
The Admin CP in vBulletin 5.6.3 allows XSS via a Smilie Title to Smilies Manager. | |||||
CVE-2020-25122 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
The Admin CP in vBulletin 5.6.3 allows XSS via a Rank Type to User Rank Manager. | |||||
CVE-2020-25121 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
The Admin CP in vBulletin 5.6.3 allows XSS via the Paid Subscription Email Notification field in the Options. | |||||
CVE-2020-25120 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
The Admin CP in vBulletin 5.6.3 allows XSS via the admincp/search.php?do=dosearch URI. | |||||
CVE-2020-25119 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
The Admin CP in vBulletin 5.6.3 allows XSS via a Title of a Child Help Item in the Login/Logoff part of the User Manual. | |||||
CVE-2020-25118 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
The Admin CP in vBulletin 5.6.3 allows XSS via a Style Options Settings Title to Styles Manager. | |||||
CVE-2020-25117 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title to User Title Manager. | |||||
CVE-2020-25116 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager. | |||||
CVE-2020-25115 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
The Admin CP in vBulletin 5.6.3 allows XSS via an Occupation Title or Description to User Profile Field Manager. | |||||
CVE-2020-25104 | 1 Eramba | 1 Eramba | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
eramba c2.8.1 and Enterprise before e2.19.3 allows XSS via a crafted filename for a file attached to an object. For example, the filename has a complete XSS payload followed by the .png extension. | |||||
CVE-2020-25102 | 1 Advanced Reports Project | 1 Advanced Reports | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
silverstripe-advancedreports (aka the Advanced Reports module for SilverStripe) 1.0 through 2.0 is vulnerable to Cross-Site Scripting (XSS) because it is possible to inject and store malicious JavaScript code. The affects admin/advanced-reports/DataObjectReport/EditForm/field/DataObjectReport/item (aka report preview) when an SVG document is provided in the Description parameter. | |||||
CVE-2020-25093 | 1 Ecommerce-codeigniter-bootstrap Project | 1 Ecommerce-codeigniter-bootstrap | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in blog.php. within application/views/templates/clothesshop, application/views/templates/onepage, and application/views/templates/redlabel. | |||||
CVE-2020-25092 | 1 Ecommerce-codeigniter-bootstrap Project | 1 Ecommerce-codeigniter-bootstrap | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in _parts/header.php, within application/views/templates/clothesshop, application/views/templates/greenlabel, and application/views/templates/redlabel. | |||||
CVE-2020-25091 | 1 Ecommerce-codeigniter-bootstrap Project | 1 Ecommerce-codeigniter-bootstrap | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/vendor/views/add_product.php. | |||||
CVE-2020-25090 | 1 Ecommerce-codeigniter-bootstrap Project | 1 Ecommerce-codeigniter-bootstrap | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/ecommerce/publish.php. | |||||
CVE-2020-25089 | 1 Ecommerce-codeigniter-bootstrap Project | 1 Ecommerce-codeigniter-bootstrap | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/ecommerce/discounts.php. | |||||
CVE-2020-25088 | 1 Ecommerce-codeigniter-bootstrap Project | 1 Ecommerce-codeigniter-bootstrap | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/blog/blogpublish.php. | |||||
CVE-2020-25087 | 1 Ecommerce-codeigniter-bootstrap Project | 1 Ecommerce-codeigniter-bootstrap | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/advanced_settings/languages.php. | |||||
CVE-2020-25086 | 1 Ecommerce-codeigniter-bootstrap Project | 1 Ecommerce-codeigniter-bootstrap | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/advanced_settings/adminUsers.php. |