Total
37786 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-36552 | 1 Multi Restaurant Table Reservation System Project | 1 Multi Restaurant Table Reservation System | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Made field to /dashboard/menu-list.php. | |||||
| CVE-2020-36551 | 1 Multi Restaurant Table Reservation System Project | 1 Multi Restaurant Table Reservation System | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Item Name field to /dashboard/menu-list.php. | |||||
| CVE-2020-36550 | 1 Multi Restaurant Table Reservation System Project | 1 Multi Restaurant Table Reservation System | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Table Name field to /dashboard/table-list.php. | |||||
| CVE-2020-36544 | 1 Sialweb | 1 Sialweb Cms | 2024-11-21 | 3.5 LOW | 3.5 LOW |
| A vulnerability has been found in SialWeb CMS and classified as problematic. This vulnerability affects unknown code of the component Search Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2020-36527 | 1 Aptis-solutions | 1 Server Status | 2024-11-21 | 3.5 LOW | 3.5 LOW |
| A vulnerability, which was classified as problematic, has been found in Server Status. This issue affects some unknown processing of the component HTTP Status/SMTP Status. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2020-36526 | 1 Akeles | 1 Countdown Timer | 2024-11-21 | 3.5 LOW | 3.5 LOW |
| A vulnerability classified as problematic was found in Countdown Timer. This vulnerability affects unknown code of the component Macro Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2020-36525 | 1 Servicerocket | 1 Linking | 2024-11-21 | 3.5 LOW | 3.5 LOW |
| A vulnerability classified as problematic has been found in Linking. This affects an unknown part of the component New Windows Macro. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2020-36524 | 1 Refined | 1 Refined Toolkit | 2024-11-21 | 3.5 LOW | 3.5 LOW |
| A vulnerability was found in Refined Toolkit. It has been rated as problematic. Affected by this issue is some unknown functionality of the component UI-Image/UI-Button. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2020-36523 | 1 Avono | 1 Plantuml | 2024-11-21 | 3.5 LOW | 3.5 LOW |
| A vulnerability was found in PlantUML 6.43. It has been declared as problematic. Affected by this vulnerability is the component Database Information Macro. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2020-36510 | 1 Codetipi | 1 15zine | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The 15Zine WordPress theme before 3.3.0 does not sanitise and escape the cbi parameter before outputing it back in the response via the cb_s_a AJAX action, leading to a Reflected Cross-Site Scripting | |||||
| CVE-2020-36502 | 1 Swiftfiletransfer | 1 Swift File Transfer | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Swift File Transfer Mobile v1.1.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the devicename parameter which allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered as the device name itself. | |||||
| CVE-2020-36501 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in the Support module of SugarCRM v6.5.18 allows attackers to execute arbitrary web scripts or HTML via crafted payloads entered into the primary address state or alternate address state input fields. | |||||
| CVE-2020-36499 | 1 Taotesting | 1 Tao Assessment Platform | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a cross-site scripting (XSS) vulnerability in the content parameter of the Rubric Block (Add) module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the rubric name value. | |||||
| CVE-2020-36498 | 1 Macrob7 Macs Framework Content Management System Project | 1 Macrob7 Macs Framework Content Management System | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Macrob7 Macs Framework Content Management System - 1.14f contains a cross-site scripting (XSS) vulnerability in the account reset function, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the e-mail input field. | |||||
| CVE-2020-36497 | 1 Dedecms | 1 Dedecms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component makehtml_homepage.php via the `filename`, `mid`, `userid`, and `templet' parameters. | |||||
| CVE-2020-36496 | 1 Dedecms | 1 Dedecms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component sys_admin_user_edit.php via the `filename`, `mid`, `userid`, and `templet' parameters. | |||||
| CVE-2020-36495 | 1 Dedecms | 1 Dedecms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_manage_view.php via the `filename`, `mid`, `userid`, and `templet' parameters. | |||||
| CVE-2020-36494 | 1 Dedecms | 1 Dedecms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component mychannel_edit.php via the `filename`, `mid`, `userid`, and `templet' parameters. | |||||
| CVE-2020-36493 | 1 Dedecms | 1 Dedecms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component media_main.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters. | |||||
| CVE-2020-36492 | 1 Dedecms | 1 Dedecms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component select_media.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters. | |||||