Total
37685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-20700 | 1 S-cms | 1 S-cms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| A stored cross site scripting (XSS) vulnerability in /app/form_add/of S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Title Entry text box. | |||||
| CVE-2020-20699 | 1 S-cms | 1 S-cms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| A cross site scripting (XSS) vulnerability in S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Copyright text box under Basic Settings. | |||||
| CVE-2020-20696 | 1 Gilacms | 1 Gila Cms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A cross-site scripting (XSS) vulnerability in /admin/content/post of GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Tags field. | |||||
| CVE-2020-20695 | 1 Gilacms | 1 Gila Cms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file. | |||||
| CVE-2020-20645 | 1 Eyoucms | 1 Eyoucms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability exists in EyouCMS1.3.6 in the basic_information area. | |||||
| CVE-2020-20640 | 1 Shopex | 1 Ecshop | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in ECShop 4.0 due to security filtering issues, in the user.php file, we can use the html entity encoding to bypass the security policy of the safety.php file, triggering the xss vulnerability. | |||||
| CVE-2020-20633 | 1 Cookielawinfo | 1 Gdpr Cookie Consent | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| ajax_policy_generator in admin/modules/cli-policy-generator/classes/class-policy-generator-ajax.php in GDPR Cookie Consent (cookie-law-info) 1.8.2 and below plugin for WordPress, allows authenticated stored XSS and privilege escalation. | |||||
| CVE-2020-20628 | 1 Appsaloon | 1 Wp-gdpr | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| controller/controller-comments.php in WP GDPR plugin through 2.1.1 has unauthenticated stored XSS. | |||||
| CVE-2020-20626 | 1 Lara\'s Google Analytics Project | 1 Lara\'s Google Analytics | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| lara-google-analytics.php in Lara Google Analytics plugin through 2.0.4 for WordPress allows authenticated stored XSS. | |||||
| CVE-2020-20605 | 1 Personal Blog Cms Project | 1 Personal Blog Cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Blog CMS v1.0 contains a cross-site scripting (XSS) vulnerability in the /controller/CommentAdminController.java component. | |||||
| CVE-2020-20600 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| MetInfo 7.0 beta contains a stored cross-site scripting (XSS) vulnerability in the $name parameter of admin/?n=column&c=index&a=doAddColumn. | |||||
| CVE-2020-20598 | 1 Mossle | 1 Lemon | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the Editing component of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML. | |||||
| CVE-2020-20597 | 1 Mossle | 1 Lemon | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the potrtalItemName parameter in \web\PortalController.java of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML. | |||||
| CVE-2020-20584 | 1 Baigo | 1 Baigo Cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross site scripting vulnerability in baigo CMS v4.0-beta-1 allows attackers to execute arbitrary web scripts or HTML via the form parameter post to /public/console/profile/info-submit/. | |||||
| CVE-2020-20545 | 1 Seeyon | 1 G6 Government Collaborative System | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross-Site Scripting (XSS) vulnerability in Zhiyuan G6 Government Collaboration System V6.1SP1, via the 'method' parameter to 'seeyon/hrSalary.do'. | |||||
| CVE-2020-20523 | 1 Gilacms | 1 Gila Cms | 2024-11-21 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in adm_user parameter in Gila CMS version 1.11.3, allows remote attackers to execute arbitrary code during the Gila CMS installation. | |||||
| CVE-2020-20508 | 1 Shopkit Project | 1 Shopkit | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field. | |||||
| CVE-2020-20426 | 1 S-cms | 1 S-cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in /function/booksave.php. | |||||
| CVE-2020-20425 | 1 S-cms | 1 S-cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in the search function. | |||||
| CVE-2020-20406 | 1 Elementor | 1 Elementor Page Builder | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A stored XSS vulnerability exists in the Custom Link Attributes control Affect function in Elementor Page Builder 2.9.2 and earlier versions. It is caused by inadequate filtering on the link custom attributes. | |||||