Export limit exceeded: 339851 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 13863 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 44458 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44458 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-20640 | 1 Shopex | 1 Ecshop | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in ECShop 4.0 due to security filtering issues, in the user.php file, we can use the html entity encoding to bypass the security policy of the safety.php file, triggering the xss vulnerability. | ||||
| CVE-2020-20633 | 1 Cookielawinfo | 1 Gdpr Cookie Consent | 2024-11-21 | 5.4 Medium |
| ajax_policy_generator in admin/modules/cli-policy-generator/classes/class-policy-generator-ajax.php in GDPR Cookie Consent (cookie-law-info) 1.8.2 and below plugin for WordPress, allows authenticated stored XSS and privilege escalation. | ||||
| CVE-2020-20628 | 1 Appsaloon | 1 Wp-gdpr | 2024-11-21 | 6.1 Medium |
| controller/controller-comments.php in WP GDPR plugin through 2.1.1 has unauthenticated stored XSS. | ||||
| CVE-2020-20626 | 1 Lara\'s Google Analytics Project | 1 Lara\'s Google Analytics | 2024-11-21 | 5.4 Medium |
| lara-google-analytics.php in Lara Google Analytics plugin through 2.0.4 for WordPress allows authenticated stored XSS. | ||||
| CVE-2020-20605 | 1 Personal Blog Cms Project | 1 Personal Blog Cms | 2024-11-21 | 6.1 Medium |
| Blog CMS v1.0 contains a cross-site scripting (XSS) vulnerability in the /controller/CommentAdminController.java component. | ||||
| CVE-2020-20600 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 5.4 Medium |
| MetInfo 7.0 beta contains a stored cross-site scripting (XSS) vulnerability in the $name parameter of admin/?n=column&c=index&a=doAddColumn. | ||||
| CVE-2020-20598 | 1 Mossle | 1 Lemon | 2024-11-21 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in the Editing component of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML. | ||||
| CVE-2020-20597 | 1 Mossle | 1 Lemon | 2024-11-21 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in the potrtalItemName parameter in \web\PortalController.java of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML. | ||||
| CVE-2020-20584 | 1 Baigo | 1 Baigo Cms | 2024-11-21 | 6.1 Medium |
| A cross site scripting vulnerability in baigo CMS v4.0-beta-1 allows attackers to execute arbitrary web scripts or HTML via the form parameter post to /public/console/profile/info-submit/. | ||||
| CVE-2020-20545 | 1 Seeyon | 1 G6 Government Collaborative System | 2024-11-21 | 5.4 Medium |
| Cross-Site Scripting (XSS) vulnerability in Zhiyuan G6 Government Collaboration System V6.1SP1, via the 'method' parameter to 'seeyon/hrSalary.do'. | ||||
| CVE-2020-20523 | 1 Gilacms | 1 Gila Cms | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in adm_user parameter in Gila CMS version 1.11.3, allows remote attackers to execute arbitrary code during the Gila CMS installation. | ||||
| CVE-2020-20508 | 1 Shopkit Project | 1 Shopkit | 2024-11-21 | 6.1 Medium |
| Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field. | ||||
| CVE-2020-20426 | 1 S-cms | 1 S-cms | 2024-11-21 | 6.1 Medium |
| S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in /function/booksave.php. | ||||
| CVE-2020-20425 | 1 S-cms | 1 S-cms | 2024-11-21 | 6.1 Medium |
| S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in the search function. | ||||
| CVE-2020-20406 | 1 Elementor | 1 Elementor Page Builder | 2024-11-21 | 5.4 Medium |
| A stored XSS vulnerability exists in the Custom Link Attributes control Affect function in Elementor Page Builder 2.9.2 and earlier versions. It is caused by inadequate filtering on the link custom attributes. | ||||
| CVE-2020-20391 | 1 Get-simple | 1 Getsimplecms | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting vulnerability in GetSimpleCMS 3.4.0a in admin/snippets.php via (1) Add Snippet and (2) Save snippets. | ||||
| CVE-2020-20389 | 1 Get-simple | 1 Getsimplecms | 2024-11-21 | 4.8 Medium |
| Cross Site Scripting (XSS) vulnerability in GetSimpleCMS 3.4.0a in admin/edit.php. | ||||
| CVE-2020-20363 | 1 Pbootcms | 1 Pbootcms | 2024-11-21 | 4.8 Medium |
| Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php. | ||||
| CVE-2020-20349 | 1 Wtcms Project | 1 Wtcms | 2024-11-21 | 5.4 Medium |
| WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link address field under the background links module. | ||||
| CVE-2020-20348 | 1 Wtcms Project | 1 Wtcms | 2024-11-21 | 5.4 Medium |
| WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link field under the background menu management module. | ||||