Export limit exceeded: 347143 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347143 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45636 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45636 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-19291 | 1 Jeesns | 1 Jeesns | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the /weibo/publishdata component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted Weibo. | ||||
| CVE-2020-19290 | 1 Jeesns | 1 Jeesns | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the /weibo/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Weibo comment section. | ||||
| CVE-2020-19289 | 1 Jeesns | 1 Jeesns | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the /member/picture/album component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the new album tab. | ||||
| CVE-2020-19288 | 1 Jeesns | 1 Jeesns | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the /localhost/u component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a private message. | ||||
| CVE-2020-19287 | 1 Jeesns | 1 Jeesns | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the /group/post component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the title. | ||||
| CVE-2020-19286 | 1 Jeesns | 1 Jeesns | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the /question/detail component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the source field of the editor. | ||||
| CVE-2020-19285 | 1 Jeesns | 1 Jeesns | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the /group/apply component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Name text field. | ||||
| CVE-2020-19284 | 1 Jeesns | 1 Jeesns | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the /group/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the group comments text field. | ||||
| CVE-2020-19283 | 1 Jeesns | 1 Jeesns | 2024-11-21 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability in the /newVersion component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML. | ||||
| CVE-2020-19282 | 1 Jeesns | 1 Jeesns | 2024-11-21 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field. | ||||
| CVE-2020-19281 | 1 Jeesns | 1 Jeesns | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the /manage/loginusername component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username field. | ||||
| CVE-2020-19274 | 1 Dhcms Project | 1 Dhcms | 2024-11-21 | 6.1 Medium |
| A Cross SIte Scripting (XSS) vulnerability exists in Dhcms 2017-09-18 in guestbook via the message board, which could let a remote malicious user execute arbitrary code. | ||||
| CVE-2020-19266 | 1 Dswjcms Project | 1 Dswjcms | 2024-11-21 | 6.1 Medium |
| A stored cross-site scripting (XSS) vulnerability in the index.php/Dswjcms/Site/articleList component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML. | ||||
| CVE-2020-19265 | 1 Dswjcms Project | 1 Dswjcms | 2024-11-21 | 6.1 Medium |
| A stored cross-site scripting (XSS) vulnerability in the index.php/Dswjcms/Basis/links component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML. | ||||
| CVE-2020-19204 | 1 Ipfire | 1 Ipfire | 2024-11-21 | 5.4 Medium |
| An authenticated Stored Cross-Site Scriptiong (XSS) vulnerability exists in Lightning Wire Labs IPFire 2.21 (x86_64) - Core Update 130 in the "routing.cgi" Routing Table Entries via the "Remark" text box or "remark" parameter. It allows an authenticated WebGUI user to execute Stored Cross-site Scripting in the Routing Table Entries. | ||||
| CVE-2020-19203 | 1 Netgate | 1 Pfsense | 2024-11-21 | 5.4 Medium |
| An authenticated Cross-Site Scripting (XSS) vulnerability was found in widgets/widgets/wake_on_lan_widget.php, a component of the pfSense software WebGUI, on version 2.4.4-p2 and earlier. The widget did not encode the descr (description) parameter of wake-on-LAN entries in its output, leading to a possible stored XSS. | ||||
| CVE-2020-19202 | 1 Ipfire | 1 Ipfire | 2024-11-21 | 5.4 Medium |
| An authenticated Stored XSS (Cross-site Scripting) exists in the "captive.cgi" Captive Portal via the "Title of Login Page" text box or "TITLE" parameter in IPFire 2.21 (x86_64) - Core Update 130. It allows an authenticated WebGUI user with privileges to execute Stored Cross-site Scripting in the Captive Portal page. | ||||
| CVE-2020-19201 | 1 Netgate | 1 Pfsense | 2024-11-21 | 5.4 Medium |
| A Stored Cross-Site Scripting (XSS) vulnerability was found in status_filter_reload.php, a page in the pfSense software WebGUI, on Netgate pfSense version 2.4.4-p2 and earlier. The page did not encode output from the filter reload process, and a stored XSS was possible via the descr (description) parameter on NAT rules. | ||||
| CVE-2020-19158 | 1 S-cms | 1 S-cms | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) in S-CMS build 20191014 and earlier allows remote attackers to execute arbitrary code via the 'Site Title' parameter of the component '/data/admin/#/app/config/'. | ||||
| CVE-2020-19157 | 1 Wenkucms Project | 1 Wenkucms | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (CSS) in Wenku CMS v3.4 allows remote attackers to execute arbitrary code via the 'Intro' parameter for the component '/index.php?m=ucenter&a=index'. | ||||