Export limit exceeded: 47235 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (47235 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-21733 | 1 Sagemcom | 2 F\@st 3686, F\@st 3686 Firmware | 2024-11-21 | 6.1 Medium |
| Sagemcom F@ST3686 v1.0 HUN 3.97.0 has XSS via RgDiagnostics.asp, RgDdns.asp, RgFirewallEL.asp, RgVpnL2tpPptp.asp. | ||||
| CVE-2020-21732 | 1 Rukovoditel | 1 Rukovoditel | 2024-11-21 | 6.1 Medium |
| Rukovoditel Project Management app 2.6 is affected by: Cross Site Scripting (XSS). An attacker can add JavaScript code to the filename. | ||||
| CVE-2020-21731 | 1 Gazie Project | 1 Gazie | 2024-11-21 | 6.1 Medium |
| Gazie 7.29 is affected by: Cross Site Scripting (XSS) via http://192.168.100.7/gazie/modules/config/admin_utente.php?user_name=amministratore&Update. An attacker can inject JavaScript code, and the webapplication stores the injected code. | ||||
| CVE-2020-21729 | 1 Jeecms | 1 Jeecms X | 2024-11-21 | 5.4 Medium |
| JEECMS x1.1 contains a stored cross-site scripting (XSS) vulnerability in the component of /member-vipcenter.htm, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2020-21656 | 1 Xyhcms | 1 Xyhcms | 2024-11-21 | 5.4 Medium |
| XYHCMS v3.6 contains a stored cross-site scripting (XSS) vulnerability in the component xyhai.php?s=/Link/index. | ||||
| CVE-2020-21639 | 1 Ruijie | 2 Rg-uac 6000-e50, Rg-uac 6000-e50 Firmware | 2024-11-21 | 6.1 Medium |
| Ruijie RG-UAC 6000-E50 commit 9071227 was discovered to contain a cross-site scripting (XSS) vulnerability via the rule_name parameter. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2020-21517 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php. | ||||
| CVE-2020-21506 | 1 Waimai Super Cms Project | 1 Waimai Super Cms | 2024-11-21 | 6.1 Medium |
| waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php?m=Config&a=add. | ||||
| CVE-2020-21505 | 1 Waimai Super Cms Project | 1 Waimai Super Cms | 2024-11-21 | 6.1 Medium |
| waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php/Link/addsave. | ||||
| CVE-2020-21504 | 1 Waimai Super Cms Project | 1 Waimai Super Cms | 2024-11-21 | 6.1 Medium |
| waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php?&m=Public&a=login. | ||||
| CVE-2020-21496 | 1 Xiuno | 1 Xiunobbs | 2024-11-21 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitebrief parameter. | ||||
| CVE-2020-21495 | 1 Xiuno | 1 Xiunobbs | 2024-11-21 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitename parameter. | ||||
| CVE-2020-21494 | 1 Xiuno | 1 Xiunobbs | 2024-11-21 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in the component install\install.sql of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via changing the doctype value to 0. | ||||
| CVE-2020-21482 | 1 Rgcms Project | 1 Rgcms | 2024-11-21 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in RGCMS v1.06 allows attackers to obtain the administrator's cookie via a crafted payload in the Name field under the Message Board module | ||||
| CVE-2020-21434 | 1 Maccms | 1 Maccms | 2024-11-21 | 5.4 Medium |
| Maccms 10 contains a cross-site scripting (XSS) vulnerability in the Editing function under the Member module. This vulnerability is exploited via a crafted payload in the nickname text field. | ||||
| CVE-2020-21387 | 1 Maccms | 1 Maccms | 2024-11-21 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in the parameter type_en of Maccms 10 allows attackers to obtain the administrator cookie and escalate privileges via a crafted payload. | ||||
| CVE-2020-21362 | 1 Maccms | 1 Maccms | 2024-11-21 | 5.4 Medium |
| A cross site scripting (XSS) vulnerability in the background search function of Maccms10 allows attackers to execute arbitrary web scripts or HTML via the 'wd' parameter. | ||||
| CVE-2020-21357 | 1 Popojicms | 1 Popojicms | 2024-11-21 | 6.1 Medium |
| A stored cross site scripting (XSS) vulnerability in /admin.php?mod=user&act=addnew of PopojiCMS 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the E-Mail field. | ||||
| CVE-2020-21353 | 1 Get-simple | 1 Getsimplecms | 2024-11-21 | 5.4 Medium |
| A stored cross site scripting (XSS) vulnerability in /admin/snippets.php of GetSimple CMS 3.4.0a allows attackers to execute arbitrary web scripts or HTML via crafted payload in the Edit Snippets module. | ||||
| CVE-2020-21345 | 1 Halo | 1 Halo | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in Halo 1.1.3 via post publish components in the manage panel, which lets a remote malicious user execute arbitrary code. | ||||