Total
37024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-21003 | 1 Pbootcms | 1 Pbootcms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Pbootcms v2.0.3 is vulnerable to Cross Site Scripting (XSS) via admin.php. | |||||
| CVE-2020-20990 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A cross site scripting (XSS) vulnerability in the /segments/edit.php component of Domainmod 4.13 allows attackers to execute arbitrary web scripts or HTML via the Segment Name parameter. | |||||
| CVE-2020-20988 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A cross site scripting (XSS) vulnerability in the /domains/cost-by-owner.php component of Domainmod 4.13 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the "or Expiring Between" parameter. | |||||
| CVE-2020-20982 | 1 Wdja | 1 Wdja Cms | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
| Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php. | |||||
| CVE-2020-20977 | 1 Ukcms | 1 Ukcms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A stored cross site scripting (XSS) vulnerability in index.php/legend/6.html of UK CMS v1.1.10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Comments section. | |||||
| CVE-2020-20946 | 1 Qibosoft | 1 Qibosoft | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Qibosoft v7 contains a stored cross-site scripting (XSS) vulnerability in the component /admin/index.php?lfj=friendlink&action=add. | |||||
| CVE-2020-20908 | 1 Akaunting | 1 Akaunting | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Akaunting v1.3.17 was discovered to contain a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Company Name input field. | |||||
| CVE-2020-20808 | 1 Qibosoft | 1 Qibosoft | 2024-11-21 | N/A | 6.1 MEDIUM |
| Cross Site Scripting vulnerability in Qibosoft qibosoft v.7 and before allows a remote attacker to execute arbitrary code via the eindtijd and starttijd parameters of do/search.php. | |||||
| CVE-2020-20799 | 1 Jeecms | 1 Jeecms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| JeeCMS 1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the commentText parameter. | |||||
| CVE-2020-20781 | 1 Ucms Project | 1 Ucms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in /ucms/index.php?do=list_edit of UCMS 1.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the title, key words, description or content text fields. | |||||
| CVE-2020-20701 | 1 S-cms | 1 S-cms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| A stored cross site scripting (XSS) vulnerability in /app/config/of S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | |||||
| CVE-2020-20700 | 1 S-cms | 1 S-cms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| A stored cross site scripting (XSS) vulnerability in /app/form_add/of S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Title Entry text box. | |||||
| CVE-2020-20699 | 1 S-cms | 1 S-cms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| A cross site scripting (XSS) vulnerability in S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Copyright text box under Basic Settings. | |||||
| CVE-2020-20696 | 1 Gilacms | 1 Gila Cms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A cross-site scripting (XSS) vulnerability in /admin/content/post of GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Tags field. | |||||
| CVE-2020-20695 | 1 Gilacms | 1 Gila Cms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file. | |||||
| CVE-2020-20645 | 1 Eyoucms | 1 Eyoucms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability exists in EyouCMS1.3.6 in the basic_information area. | |||||
| CVE-2020-20640 | 1 Shopex | 1 Ecshop | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in ECShop 4.0 due to security filtering issues, in the user.php file, we can use the html entity encoding to bypass the security policy of the safety.php file, triggering the xss vulnerability. | |||||
| CVE-2020-20633 | 1 Cookielawinfo | 1 Gdpr Cookie Consent | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| ajax_policy_generator in admin/modules/cli-policy-generator/classes/class-policy-generator-ajax.php in GDPR Cookie Consent (cookie-law-info) 1.8.2 and below plugin for WordPress, allows authenticated stored XSS and privilege escalation. | |||||
| CVE-2020-20628 | 1 Appsaloon | 1 Wp-gdpr | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| controller/controller-comments.php in WP GDPR plugin through 2.1.1 has unauthenticated stored XSS. | |||||
| CVE-2020-20626 | 1 Lara\'s Google Analytics Project | 1 Lara\'s Google Analytics | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| lara-google-analytics.php in Lara Google Analytics plugin through 2.0.4 for WordPress allows authenticated stored XSS. | |||||