Total
37055 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-23832 | 1 Car Rental Management System Project | 1 Car Rental Management System | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Persistent Cross-Site Scripting (XSS) vulnerability in message_admin.php in Projectworlds Car Rental Management System v1.0 allows unauthenticated remote attackers to harvest an admin login session cookie and steal an admin session upon an admin login. | |||||
| CVE-2020-23831 | 1 Stock Management System Project | 1 Stock Management System | 2024-11-21 | 4.3 MEDIUM | 6.4 MEDIUM |
| A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks on a malicious URL and enters credentials. | |||||
| CVE-2020-23814 | 1 Xuxueli | 1 Xxl-job | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via (1) AppName and (2)AddressList parameter in JobGroupController.java file. | |||||
| CVE-2020-23774 | 1 Winmail Project | 1 Winmail | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A reflected XSS vulnerability exists in tohtml/convert.php of Winmail 6.5, which can cause JavaScript code to be executed. | |||||
| CVE-2020-23762 | 1 Larsens Calendar Project | 1 Larsens Calendar | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in the Larsens Calender plugin Version <= 1.2 for WordPress allows remote attackers to execute arbitrary web script via the "titel" column on the "Eintrage hinzufugen" tab. | |||||
| CVE-2020-23761 | 1 Intelliants | 1 Subrion | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in subrion CMS Version <= 4.2.1 allows remote attackers to execute arbitrary web script via the "payment gateway" column on transactions tab. | |||||
| CVE-2020-23754 | 1 Php-fusion | 1 Phpfusion | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
| Cross Site Scripting (XSS) vulnerability in infusions/member_poll_panel/poll_admin.php in PHP-Fusion 9.03.50, allows attackers to execute arbitrary code, via the polls feature. | |||||
| CVE-2020-23721 | 1 Thedaylightstudio | 1 Fuel Cms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| An issue was discovered in FUEL CMS V1.4.7. An attacker can use a XSS payload and bypass a filter via /fuelCM/fuel/pages/edit/1?lang=english. | |||||
| CVE-2020-23719 | 1 Zibbs Project | 1 Zibbs | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
| Cross site scripting (XSS) vulnerability in application/controllers/AdminController.php in xujinliang zibbs 1.0, allows attackers to execute arbitrary code via the bbsmeta parameter. | |||||
| CVE-2020-23718 | 1 Zibbs Project | 1 Zibbs | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
| Cross site scripting (XSS) vulnerability in xujinliang zibbs 1.0, allows attackers to execute arbitrary code via the route parameter to index.php. | |||||
| CVE-2020-23710 | 1 Limesurvey | 1 Limesurvey | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulneraiblity in LimeSurvey 4.2.5 on textbox via the Notifications & data feature. | |||||
| CVE-2020-23702 | 1 Php-fusion | 1 Php-fusion | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in PHP-Fusion 9.03.60 via 'New Shout' in /infusions/shoutbox_panel/shoutbox_admin.php. | |||||
| CVE-2020-23700 | 1 Lavalite | 1 Lavalite | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in LavaLite-CMS 5.8.0 via the Menu Links feature. | |||||
| CVE-2020-23697 | 1 Monstra | 1 Monstra Cms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting vulnerabilty in Monstra CMS 3.0.4 via the page feature in admin/index.php. | |||||
| CVE-2020-23689 | 1 Yfcmf | 1 Yfcmf | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| In YFCMF v2.3.1, there is a stored XSS vulnerability in the comments section of the news page. | |||||
| CVE-2020-23660 | 1 Webtareas Project | 1 Webtareas | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| webTareas v2.1 is affected by Cross Site Scripting (XSS) on "Search." | |||||
| CVE-2020-23659 | 1 Webport | 1 Web Port | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| WebPort-v1.19.17121 is affected by Cross Site Scripting (XSS) on the "connections" feature. | |||||
| CVE-2020-23658 | 1 Php-fusion | 1 Php-fusion | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| PHP-Fusion 9.03.60 is affected by Cross Site Scripting (XSS) via infusions/member_poll_panel/poll_admin.php. | |||||
| CVE-2020-23657 | 1 Naviwebs | 1 Navigatecms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "Configuration." | |||||
| CVE-2020-23656 | 1 Naviwebs | 1 Navigatecms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "Content." | |||||