Export limit exceeded: 44442 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44442 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-15516 | 1 Mm Forum Project | 1 Mm Forum | 2024-11-21 | 5.4 Medium |
| The mm_forum extension through 1.9.5 for TYPO3 allows XSS that can be exploited via CSRF. | ||||
| CVE-2020-15514 | 1 Jh Captcha Project | 1 Jh Captcha | 2024-11-21 | 5.4 Medium |
| The jh_captcha extension through 2.1.3, and 3.x through 3.0.2, for TYPO3 allows XSS. | ||||
| CVE-2020-15500 | 1 Tileserver | 1 Tileservergl | 2024-11-21 | 6.1 Medium |
| An issue was discovered in server.js in TileServer GL through 3.0.0. The content of the key GET parameter is reflected unsanitized in an HTTP response for the application's main page, causing reflected XSS. | ||||
| CVE-2020-15499 | 1 Asus | 2 Rt-ac1900p, Rt-ac1900p Firmware | 2024-11-21 | 6.1 Medium |
| An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_20253. They allow XSS via spoofed Release Notes on the Firmware Upgrade page. | ||||
| CVE-2020-15497 | 1 Jalios | 1 Jcms | 2024-11-21 | 5.3 Medium |
| jcore/portal/ajaxPortal.jsp in Jalios JCMS 10.0.2 build-20200224104759 allows XSS via the types parameter. Note: It is asserted that this vulnerability is not present in the standard installation of Jalios JCMS | ||||
| CVE-2020-15400 | 1 Cakefoundation | 1 Cakephp | 2024-11-21 | 4.3 Medium |
| CakePHP before 4.0.6 mishandles CSRF token generation. This might be remotely exploitable in conjunction with XSS. | ||||
| CVE-2020-15382 | 1 Broadcom | 1 Brocade Sannav | 2024-11-21 | 7.2 High |
| Brocade SANnav before version 2.1.1 uses a hard-coded administrator account with the weak password ‘passw0rd’ if a password is not provided for PostgreSQL at install-time. | ||||
| CVE-2020-15364 | 1 Nexos Project | 1 Nexos | 2024-11-21 | 6.1 Medium |
| The Nexos theme through 1.7 for WordPress allows top-map/?search_location= reflected XSS. | ||||
| CVE-2020-15339 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 6.1 Medium |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows live/CPEManager/AXCampaignManager/handle_campaign_script_link?script_name= XSS. | ||||
| CVE-2020-15327 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 7.5 High |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication. | ||||
| CVE-2020-15326 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 5.3 Medium |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem. | ||||
| CVE-2020-15324 | 1 Zyxel | 1 Cloud Cnm Secumanager | 2024-11-21 | 9.8 Critical |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/opt/axXMPPHandler/config/xmpp_config.py file that stores hardcoded credentials. | ||||
| CVE-2020-15323 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 9.8 Critical |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the cloud1234 password for the a1@chopin account default credentials. | ||||
| CVE-2020-15322 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 9.8 Critical |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the wbboEZ4BN3ssxAfM hardcoded password for the debian-sys-maint account. | ||||
| CVE-2020-15321 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 9.8 Critical |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axzyxel password for the livedbuser account. | ||||
| CVE-2020-15320 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 9.8 Critical |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axiros password for the root account. | ||||
| CVE-2020-15319 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 5.9 Medium |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/mysql chroot directory tree. | ||||
| CVE-2020-15318 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 5.9 Medium |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/mysql chroot directory tree. | ||||
| CVE-2020-15317 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 5.9 Medium |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/axess chroot directory tree. | ||||
| CVE-2020-15316 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 5.9 Medium |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account within the /opt/axess chroot directory tree. | ||||