Export limit exceeded: 340003 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 44465 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44465 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-24053 | 1 Moog | 4 Exvf5c-2, Exvf5c-2 Firmware, Exvp7c2-3 and 1 more | 2024-11-21 | 7.5 High |
| Moog EXO Series EXVF5C-2 and EXVP7C2-3 units have a hardcoded credentials vulnerability. This could cause a confidentiality issue when using the FTP, Telnet, or SSH protocols. | ||||
| CVE-2020-24026 | 1 Tinyshop Project | 1 Tinyshop | 2024-11-21 | 6.1 Medium |
| TinyShop, a free and open source mall based on RageFrame2, has a stored XSS vulnerability that affects version 1.2.0. TinyShop allows XSS via the explain_first and again_explain parameters of the /evaluate/index.php page. The vulnerability may be exploited remotely, resulting in cross-site scripting (XSS) or information disclosure. | ||||
| CVE-2020-23992 | 1 Nagios | 1 Nagios Xi | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) in Nagios XI 5.7.1 allows remote attackers to run arbitrary code via returnUrl parameter in a crafted GET request. | ||||
| CVE-2020-23989 | 1 Nedi | 1 Nedi | 2024-11-21 | 5.4 Medium |
| NeDi 1.9C allows pwsec.php oid XSS. | ||||
| CVE-2020-23986 | 1 Github Readme Stats Project | 1 Github Readme Stats | 2024-11-21 | 6.1 Medium |
| Github Read Me Stats commit 3c7220e4f7144f6cb068fd433c774f6db47ccb95 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the function renderError. | ||||
| CVE-2020-23984 | 1 Online Hotel Booking System Pro Project | 1 Online Hotel Booking System Pro | 2024-11-21 | 5.4 Medium |
| Online Hotel Booking System Pro PHP Version 1.3 has Persistent Cross-site Scripting in Customer registration-form all-tags. | ||||
| CVE-2020-23983 | 1 Ichat Project | 1 Ichat | 2024-11-21 | 5.4 Medium |
| Michael-design iChat Realtime PHP Live Support System 1.6 has persistent Cross-site Scripting via chat,text-filed tags. | ||||
| CVE-2020-23982 | 1 Designmasterevents | 1 Conference Management Cms | 2024-11-21 | 6.1 Medium |
| DesignMasterEvents Conference management 1.0.0 has cross site scripting via the 'certificate.php' | ||||
| CVE-2020-23981 | 1 13enforme | 1 13enforme Cms | 2024-11-21 | 6.1 Medium |
| 13enforme CMS 1.0 has Cross Site Scripting via the "content.php" id parameter. | ||||
| CVE-2020-23977 | 1 Kandnconcepts Club Cms Project | 1 Kandnconcepts Club Cms | 2024-11-21 | 6.1 Medium |
| KandNconcepts Club CMS 1.1 and 1.2 has cross site scripting via the 'team.php,player.php,club.php' id parameter. | ||||
| CVE-2020-23975 | 1 Webexcels | 1 Ecommerce Cms | 2024-11-21 | 6.1 Medium |
| Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has cross site scripting via the 'search.php' id parameter. | ||||
| CVE-2020-23974 | 1 Create-project Manager Project | 1 Create-project Manager | 2024-11-21 | 5.4 Medium |
| Create-Project Manager 1.07 has Multi Persistent Cross-site Scripting and HTML injection in via Online chat, Social feed,Message(title-tag), Add new client (all-tags). | ||||
| CVE-2020-23962 | 1 Catfish-cms | 1 Catfish Cms | 2024-11-21 | 6.1 Medium |
| A cross site scripting (XSS) vulnerability in Catfish CMS 4.9.90 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "announcement_gonggao" parameter. | ||||
| CVE-2020-23957 | 1 Pega | 1 Pega Platform | 2024-11-21 | 6.1 Medium |
| Pega Platform through 8.4.x is affected by Cross Site Scripting (XSS) via the ConnectionID parameter, as demonstrated by a pyActivity=Data-TRACERSettings.pzStartTracerSession request to a PRAuth URI. | ||||
| CVE-2020-23868 | 1 Nedi | 1 Nedi | 2024-11-21 | 5.4 Medium |
| NeDi 1.9C allows inc/rt-popup.php d XSS. | ||||
| CVE-2020-23849 | 1 Jsoneditoronline | 1 Jsoneditor | 2024-11-21 | 6.1 Medium |
| Stored XSS was discovered in the tree mode of jsoneditor before 9.0.2 through injecting and executing JavaScript. | ||||
| CVE-2020-23839 | 1 Get-simple | 1 Getsimple Cms | 2024-11-21 | 6.1 Medium |
| A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimple CMS v3.3.16, in the admin/index.php login portal webpage, allows remote attackers to execute JavaScript code in the client's browser and harvest login credentials after a client clicks a link, enters credentials, and submits the login form. | ||||
| CVE-2020-23835 | 1 Tailor Management System Project | 1 Tailor Management System | 2024-11-21 | 6.4 Medium |
| A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of SourceCodester Tailor Management System v1.0 allows remote attackers to harvest keys pressed by an unauthenticated victim who clicks on a malicious URL and begins typing. | ||||
| CVE-2020-23832 | 1 Car Rental Management System Project | 1 Car Rental Management System | 2024-11-21 | 6.1 Medium |
| A Persistent Cross-Site Scripting (XSS) vulnerability in message_admin.php in Projectworlds Car Rental Management System v1.0 allows unauthenticated remote attackers to harvest an admin login session cookie and steal an admin session upon an admin login. | ||||
| CVE-2020-23831 | 1 Stock Management System Project | 1 Stock Management System | 2024-11-21 | 6.4 Medium |
| A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks on a malicious URL and enters credentials. | ||||