Total
37686 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-21639 | 1 Ruijie | 2 Rg-uac 6000-e50, Rg-uac 6000-e50 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Ruijie RG-UAC 6000-E50 commit 9071227 was discovered to contain a cross-site scripting (XSS) vulnerability via the rule_name parameter. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | |||||
| CVE-2020-21517 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php. | |||||
| CVE-2020-21506 | 1 Waimai Super Cms Project | 1 Waimai Super Cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php?m=Config&a=add. | |||||
| CVE-2020-21505 | 1 Waimai Super Cms Project | 1 Waimai Super Cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php/Link/addsave. | |||||
| CVE-2020-21504 | 1 Waimai Super Cms Project | 1 Waimai Super Cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php?&m=Public&a=login. | |||||
| CVE-2020-21496 | 1 Xiuno | 1 Xiunobbs | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitebrief parameter. | |||||
| CVE-2020-21495 | 1 Xiuno | 1 Xiunobbs | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitename parameter. | |||||
| CVE-2020-21494 | 1 Xiuno | 1 Xiunobbs | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the component install\install.sql of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via changing the doctype value to 0. | |||||
| CVE-2020-21482 | 1 Rgcms Project | 1 Rgcms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A cross-site scripting (XSS) vulnerability in RGCMS v1.06 allows attackers to obtain the administrator's cookie via a crafted payload in the Name field under the Message Board module | |||||
| CVE-2020-21434 | 1 Maccms | 1 Maccms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Maccms 10 contains a cross-site scripting (XSS) vulnerability in the Editing function under the Member module. This vulnerability is exploited via a crafted payload in the nickname text field. | |||||
| CVE-2020-21387 | 1 Maccms | 1 Maccms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the parameter type_en of Maccms 10 allows attackers to obtain the administrator cookie and escalate privileges via a crafted payload. | |||||
| CVE-2020-21362 | 1 Maccms | 1 Maccms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A cross site scripting (XSS) vulnerability in the background search function of Maccms10 allows attackers to execute arbitrary web scripts or HTML via the 'wd' parameter. | |||||
| CVE-2020-21357 | 1 Popojicms | 1 Popojicms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A stored cross site scripting (XSS) vulnerability in /admin.php?mod=user&act=addnew of PopojiCMS 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the E-Mail field. | |||||
| CVE-2020-21353 | 1 Get-simple | 1 Getsimplecms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A stored cross site scripting (XSS) vulnerability in /admin/snippets.php of GetSimple CMS 3.4.0a allows attackers to execute arbitrary web scripts or HTML via crafted payload in the Edit Snippets module. | |||||
| CVE-2020-21345 | 1 Halo | 1 Halo | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in Halo 1.1.3 via post publish components in the manage panel, which lets a remote malicious user execute arbitrary code. | |||||
| CVE-2020-21333 | 1 Publiccms | 1 Publiccms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in PublicCMS 4.0 to get an admin cookie when the Administrator reviews submit case. | |||||
| CVE-2020-21316 | 1 Zrlog | 1 Zrlog | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Cross-site scripting (XSS) vulnerability exists in the comment section in ZrLog 2.1.3, which allows remote attackers to inject arbitrary web script and stolen administrator cookies via the nickname parameter and gain access to the admin panel. | |||||
| CVE-2020-21266 | 1 Broadleafcommerce | 1 Broadleaf Commerce | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Broadleaf Commerce 5.1.14-GA is affected by cross-site scripting (XSS) due to a slow HTTP post vulnerability. | |||||
| CVE-2020-21228 | 1 Jizhicms | 1 Jizhicms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| JIZHICMS 1.5.1 contains a cross-site scripting (XSS) vulnerability in the component /user/release.html, which allows attackers to arbitrarily add an administrator cookie. | |||||
| CVE-2020-21161 | 1 Ruckuswireless | 2 Zonedirector, Zonedirector Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in Ruckus Wireless ZoneDirector 9.8.3.0. | |||||