Total
43767 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-19703 | 1 Dzzoffice | 1 Dzzoffice | 2024-11-21 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in the referer parameter of Dzzoffice 2.02 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2020-19683 | 1 Zzzcms | 1 Zzzcms | 2024-11-21 | 5.4 Medium |
| A Cross Site Scripting (XSS) exists in ZZZCMS V1.7.1 via an editfile action in save.php. | ||||
| CVE-2020-19643 | 1 Insma | 2 Wifi Mini Spy 1080p Hd Security Ip Camera, Wifi Mini Spy 1080p Hd Security Ip Camera Firmware | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B via all fields in the FTP settings page to the "goform/formSetFtpCfg" settings page. | ||||
| CVE-2020-19626 | 1 Craftcms | 1 Craft Cms | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in craftcms 3.1.31, allows remote attackers to inject arbitrary web script or HTML, via /admin/settings/sites/new. | ||||
| CVE-2020-19619 | 1 Mblog Project | 1 Mblog | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the signature field to /settings/profile. | ||||
| CVE-2020-19618 | 1 Mblog Project | 1 Mblog | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post content field to /post/editing. | ||||
| CVE-2020-19617 | 1 Mblog Project | 1 Mblog | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the nickname field to /settings/profile. | ||||
| CVE-2020-19616 | 1 Mblog Project | 1 Mblog | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post header field to /post/editing. | ||||
| CVE-2020-19611 | 1 Racktables Project | 1 Racktables | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) in redirect module of Racktables version 0.21.2, allows an attacker to inject arbitrary web script or HTML via the op parameter. | ||||
| CVE-2020-19587 | 1 Idera | 1 Yellowfin Business Intelligence | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI. | ||||
| CVE-2020-19586 | 1 Yellowfinbi | 1 Business Intelligence | 2024-11-21 | 9.0 Critical |
| Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI. | ||||
| CVE-2020-19554 | 1 Manageengine | 1 Opmanager | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability exists in ManageEngine OPManager <=12.5.174 when the API key contains an XML-based XSS payload. | ||||
| CVE-2020-19553 | 1 Wuzhicms | 1 Wuzhicms | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vlnerability exists in WUZHI CMS up to and including 4.1.0 in the config function in coreframe/app/attachment/libs/class/ckditor.class.php. | ||||
| CVE-2020-19515 | 1 Qdpm | 1 Qdpm | 2024-11-21 | 6.1 Medium |
| qdPM V9.1 is vulnerable to Cross Site Scripting (XSS) via qdPM\install\modules\database_config.php. | ||||
| CVE-2020-19511 | 1 Typesettercms | 1 Typesetter | 2024-11-21 | 6.1 Medium |
| Cross Site Scriptiong vulnerability in Typesetter 5.1 via the !1) className and !2) Description fields in index.php/Admin/Classes, | ||||
| CVE-2020-19362 | 1 Vtiger | 1 Vtiger Crm | 2024-11-21 | 6.1 Medium |
| Reflected XSS in Vtiger CRM v7.2.0 in vtigercrm/index.php? through the view parameter can result in an attacker performing malicious actions to users who open a maliciously crafted link or third-party web page. | ||||
| CVE-2020-19361 | 1 Medintux | 1 Medintux | 2024-11-21 | 6.1 Medium |
| Reflected XSS in Medintux v2.16.000 CCAM.php by manipulating the mot1 parameter can result in an attacker performing malicious actions to users who open a maliciously crafted link or third-party web page. | ||||
| CVE-2020-19295 | 1 Jeesns | 1 Jeesns | 2024-11-21 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability in the /weibo/topic component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML. | ||||
| CVE-2020-19294 | 1 Jeesns | 1 Jeesns | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the /article/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the article comments section. | ||||
| CVE-2020-19293 | 1 Jeesns | 1 Jeesns | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the /article/add component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted article. | ||||