Vulnerabilities (CVE)

Filtered by CWE-79
Total 37038 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-20598 1 Mossle 1 Lemon 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
A cross-site scripting (XSS) vulnerability in the Editing component of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML.
CVE-2020-20597 1 Mossle 1 Lemon 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
A cross-site scripting (XSS) vulnerability in the potrtalItemName parameter in \web\PortalController.java of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML.
CVE-2020-20584 1 Baigo 1 Baigo Cms 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
A cross site scripting vulnerability in baigo CMS v4.0-beta-1 allows attackers to execute arbitrary web scripts or HTML via the form parameter post to /public/console/profile/info-submit/.
CVE-2020-20545 1 Seeyon 1 G6 Government Collaborative System 2024-11-21 3.5 LOW 5.4 MEDIUM
Cross-Site Scripting (XSS) vulnerability in Zhiyuan G6 Government Collaboration System V6.1SP1, via the 'method' parameter to 'seeyon/hrSalary.do'.
CVE-2020-20523 1 Gilacms 1 Gila Cms 2024-11-21 N/A 6.1 MEDIUM
Cross Site Scripting (XSS) vulnerability in adm_user parameter in Gila CMS version 1.11.3, allows remote attackers to execute arbitrary code during the Gila CMS installation.
CVE-2020-20508 1 Shopkit Project 1 Shopkit 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field.
CVE-2020-20426 1 S-cms 1 S-cms 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in /function/booksave.php.
CVE-2020-20425 1 S-cms 1 S-cms 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in the search function.
CVE-2020-20406 1 Elementor 1 Elementor Page Builder 2024-11-21 3.5 LOW 5.4 MEDIUM
A stored XSS vulnerability exists in the Custom Link Attributes control Affect function in Elementor Page Builder 2.9.2 and earlier versions. It is caused by inadequate filtering on the link custom attributes.
CVE-2020-20391 1 Get-simple 1 Getsimplecms 2024-11-21 3.5 LOW 5.4 MEDIUM
Cross Site Scripting vulnerability in GetSimpleCMS 3.4.0a in admin/snippets.php via (1) Add Snippet and (2) Save snippets.
CVE-2020-20389 1 Get-simple 1 Getsimplecms 2024-11-21 3.5 LOW 4.8 MEDIUM
Cross Site Scripting (XSS) vulnerability in GetSimpleCMS 3.4.0a in admin/edit.php.
CVE-2020-20363 1 Pbootcms 1 Pbootcms 2024-11-21 3.5 LOW 4.8 MEDIUM
Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php.
CVE-2020-20349 1 Wtcms Project 1 Wtcms 2024-11-21 3.5 LOW 5.4 MEDIUM
WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link address field under the background links module.
CVE-2020-20348 1 Wtcms Project 1 Wtcms 2024-11-21 3.5 LOW 5.4 MEDIUM
WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link field under the background menu management module.
CVE-2020-20347 1 Wtcms Project 1 Wtcms 2024-11-21 3.5 LOW 5.4 MEDIUM
WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the source field under the article management module.
CVE-2020-20345 1 Wtcms Project 1 Wtcms 2024-11-21 3.5 LOW 5.4 MEDIUM
WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the page management background which allows attackers to obtain cookies via a crafted payload entered into the search box.
CVE-2020-20344 1 Wtcms Project 1 Wtcms 2024-11-21 3.5 LOW 5.4 MEDIUM
WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the keyword search function under the background articles module.
CVE-2020-20285 1 Zzcms 1 Zzcms 2024-11-21 3.5 LOW 5.4 MEDIUM
There is a XSS in the user login page in zzcms 2019. Users can inject js code by the referer header via user/login.php
CVE-2020-20142 1 Flexmonster 1 Pivot Table \& Charts 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross Site Scripting (XSS) vulnerability in the "To Remote CSV" component under "Open" Menu in Flexmonster Pivot Table & Charts 2.7.17.
CVE-2020-20141 1 Flexmonster 1 Pivot Table \& Charts 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross Site Scripting (XSS) vulnerability in the To OLAP (XMLA) component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17.