Total
37684 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-18327 | 1 Alfresco | 1 Alfresco | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability exists in Alfresco Alfresco Community Edition v5.2.0 via the action parameter in the alfresco/s/admin/admin-nodebrowser API. Fixed in v6.2 | |||||
| CVE-2020-18325 | 1 Intelliants | 1 Subrion Cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multilple Cross Site Scripting (XSS) vulnerability exists in Intelliants Subrion CMS v4.2.1 in the Configuration panel. | |||||
| CVE-2020-18324 | 1 Intelliants | 1 Subrion Cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.1 via the q parameter in the Kickstart template. | |||||
| CVE-2020-18259 | 1 Ed01-cms Project | 1 Ed01-cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting (XSS) vulnerability in the component sposts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Post title or Post content fields. | |||||
| CVE-2020-18230 | 1 Phpmywind | 1 Phpmywind | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Cross Site Scripting (XSS) in PHPMyWind v5.5 allows remote attackers to execute arbitrary code by injecting scripts into the parameter "$cfg_switchshow" of component " /admin/web_config.php". | |||||
| CVE-2020-18229 | 1 Phpmywind | 1 Phpmywind | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Cross Site Scripting (XSS) in PHPMyWind v5.5 allows remote attackers to execute arbitrary code by injecting scripts into the parameter "$cfg_copyright" of component " /admin/web_config.php". | |||||
| CVE-2020-18221 | 1 Typora | 1 Typora | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) in Typora v0.9.65 and earlier allows remote attackers to execute arbitrary code by injecting commands during block rendering of a mathematical formula. | |||||
| CVE-2020-18194 | 1 Emlog | 1 Emlog | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) in emlog v6.0.0 allows remote attackers to execute arbitrary code by adding a crafted script as a link to a new blog post. | |||||
| CVE-2020-18167 | 1 Laobancms | 1 Laobancms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote attackers to execute arbitrary code by injecting commands into the "Homepage Introduction" field of component "admin/info.php?shuyu". | |||||
| CVE-2020-18165 | 1 Laobancms | 1 Laobancms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote attackers to execute arbitrary code by injecting commands into the "Website SEO Keywords" field on the page "admin/info.php?shuyu". | |||||
| CVE-2020-18158 | 1 Hucart | 1 Hucart | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in HuCart 5.7.4 via nickname in index.php. | |||||
| CVE-2020-18145 | 1 Baidu | 1 Umeditor | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in umeditor v1.2.3 via /public/common/umeditor/php/getcontent.php. | |||||
| CVE-2020-18126 | 1 Indexhibit | 1 Indexhibit | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Multiple stored cross-site scripting (XSS) vulnerabilities in the Sections module of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML. | |||||
| CVE-2020-18125 | 1 Indexhibit | 1 Indexhibit | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A reflected cross-site scripting (XSS) vulnerability in the /plugin/ajax.php component of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML. | |||||
| CVE-2020-18102 | 1 Hotels Server Project | 1 Hotels Server | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) in Hotels_Server v1.0 allows remote attackers to execute arbitrary code by injecting crafted commands the data fields in the component "/controller/publishHotel.php". | |||||
| CVE-2020-18084 | 1 Yzmcms | 1 Yzmcms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) in yzmCMS v5.2 allows remote attackers to execute arbitrary code by injecting commands into the "referer" field of a POST request to the component "/member/index/login.html" when logging in. | |||||
| CVE-2020-18066 | 1 Zrlog | 1 Zrlog | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting vulnerability in ZrLog 2.1.0 via the (1) userName and (2) email parameters in post/addComment. | |||||
| CVE-2020-18065 | 1 Popojicms | 1 Popojicms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability exists in PopojiCMS 2.0.1 in admin.php?mod=menumanager--------- edit menu. | |||||
| CVE-2020-18035 | 1 Jeesns | 1 Jeesns | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) in Jeesns v1.4.2 allows remote attackers to execute arbitrary code by injecting commands into the "CKEditorFuncNum" parameter in the component "CkeditorUploadController.java". | |||||
| CVE-2020-18022 | 1 Qibosoft | 1 Qibocms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) in Qibosoft QiboCMS v7 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information by injecting arbitrary commands in a HTTP request to the "ewebeditor\3.1.1\kindeditor.js" component. | |||||