Total
37684 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-19000 | 1 Simiki Project | 1 Simiki | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) in Simiki v1.6.2.1 and prior allows remote attackers to execute arbitrary code via line 54 of the component 'simiki/blob/master/simiki/generators.py'. | |||||
| CVE-2020-18999 | 1 Blog Mini Project | 1 Blog Mini | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/submit-articles'. | |||||
| CVE-2020-18998 | 1 Blog Mini Project | 1 Blog Mini | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/custom/blog-plugin/add'. | |||||
| CVE-2020-18984 | 1 Synacor | 1 Zimbra Collaboration Suite | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A reflected cross-site scripting (XSS) vulnerability in the zimbraAdmin/public/secureRequest.jsp component of Zimbra Collaboration 8.8.12 allows unauthenticated attackers to execute arbitrary web scripts or HTML via a host header injection. | |||||
| CVE-2020-18982 | 1 Halo | 1 Halo | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Sie Scripting (XSS) vulnerability in Halo 0.4.3 via CommentAuthorUrl. | |||||
| CVE-2020-18979 | 1 Halo | 1 Halo | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Siste Scripting (XSS) vulnerablity in Halo 0.4.3 via the X-forwarded-for Header parameter. | |||||
| CVE-2020-18766 | 1 Antsword Project | 1 Antsword | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
| A cross-site scripting (XSS) vulnerability AntSword v2.0.7 can remotely execute system commands. | |||||
| CVE-2020-18748 | 1 Typora | 1 Typora | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) in Typora v0.9.65 allows attackers to execute arbitrary code via mathjax syntax due to a mathjax configuration error in the mathematical formula blocks. This is a different vulnerability from CVE-2020-18221. | |||||
| CVE-2020-18737 | 1 Typora | 1 Typora | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Typora 0.9.67. There is an XSS vulnerability that causes Remote Code Execution. | |||||
| CVE-2020-18724 | 1 Altn | 1 Mdaemon Webmail | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Authenticated stored cross-site scripting (XSS) in the contact name field in the distribution list of MDaemon webmail 19.5.5 allows an attacker to executes code and perform a XSS attack while opening a contact list. | |||||
| CVE-2020-18723 | 1 Altn | 1 Mdaemon Webmail | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Stored cross-site scripting (XSS) in file attachment field in MDaemon webmail 19.5.5 allows an attacker to execute code on the email recipient side while forwarding an email to perform potentially malicious activities. | |||||
| CVE-2020-18702 | 1 Quokka Project | 1 Quokka | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the 'Username' parameter in the component 'quokka/admin/actions.py'. | |||||
| CVE-2020-18699 | 1 Talelin | 1 Lin-cms-flask | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) in Lin-CMS-Flask v0.1.1 allows remote attackers to execute arbitrary code by entering scripts in the the 'Username' parameter of the in component 'app/api/cms/user.py'. | |||||
| CVE-2020-18693 | 1 Mineweb | 1 Minewebcms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) in MineWebCMS v1.7.0 allows remote attackers to execute arbitrary code by injecting malicious code into the 'Title' field of the component '/admin/news'. | |||||
| CVE-2020-18671 | 1 Roundcube | 1 Webmail | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in Roundcube Mail <=1.4.4 via smtp config in /installer/test.php. | |||||
| CVE-2020-18670 | 1 Roundcube | 1 Webmail | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php. | |||||
| CVE-2020-18668 | 1 Webport | 1 Web Port | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerabililty in WebPort <=1.19.1 via the description parameter to script/listcalls. | |||||
| CVE-2020-18664 | 1 Webport | 1 Web Port | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in WebPort <=1.19.1via the connection name parameter in type-conn. | |||||
| CVE-2020-18663 | 1 Sir | 1 Gnuboard | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in gnuboard5 <=v5.3.2.8 via the act parameter in bbs/move_update.php. | |||||
| CVE-2020-18661 | 1 Sir | 1 Gnuboard | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in gnuboard5 <=v5.3.2.8 via the url parameter to bbs/login.php. | |||||