Export limit exceeded: 349518 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45825 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-25148 | 1 Observium | 1 Observium | 2024-11-21 | 6.1 Medium |
| An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. this can occur via /iftype/type= because of pages/iftype.inc.php. | ||||
| CVE-2020-25146 | 1 Observium | 1 Observium | 2024-11-21 | 6.1 Medium |
| An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via la_id to the /syslog_rules URI for edit_syslog_rule. | ||||
| CVE-2020-25141 | 1 Observium | 1 Observium | 2024-11-21 | 6.1 Medium |
| An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via a /device/device=140/tab=wifi/view= URI. | ||||
| CVE-2020-25140 | 1 Observium | 1 Observium | 2024-11-21 | 6.1 Medium |
| An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur in pages/contacts.inc.php. | ||||
| CVE-2020-25139 | 1 Observium | 1 Observium | 2024-11-21 | 6.1 Medium |
| An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via la_id to the /syslog_rules URI for delete_syslog_rule, because of syslog_rules.inc.php. | ||||
| CVE-2020-25138 | 1 Observium | 1 Observium | 2024-11-21 | 6.1 Medium |
| An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via /alert_check/action=delete_alert_checker/alert_test_id= because of pages/alert_check.inc.php. | ||||
| CVE-2020-25137 | 1 Observium | 1 Observium | 2024-11-21 | 6.1 Medium |
| An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via the alert_name or alert_message parameter to the /alert_check URI. | ||||
| CVE-2020-25135 | 1 Observium | 1 Observium | 2024-11-21 | 6.1 Medium |
| An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via the graph_title parameter to the graphs/ URI. | ||||
| CVE-2020-25131 | 1 Observium | 1 Observium | 2024-11-21 | 6.1 Medium |
| An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via the role_name or role_descr parameter to the roles/ URI. | ||||
| CVE-2020-25124 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 4.8 Medium |
| The Admin CP in vBulletin 5.6.3 allows XSS via an admincp/attachment.php&do=rebuild&type= URI. | ||||
| CVE-2020-25123 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 4.8 Medium |
| The Admin CP in vBulletin 5.6.3 allows XSS via a Smilie Title to Smilies Manager. | ||||
| CVE-2020-25122 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 4.8 Medium |
| The Admin CP in vBulletin 5.6.3 allows XSS via a Rank Type to User Rank Manager. | ||||
| CVE-2020-25121 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 4.8 Medium |
| The Admin CP in vBulletin 5.6.3 allows XSS via the Paid Subscription Email Notification field in the Options. | ||||
| CVE-2020-25120 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 4.8 Medium |
| The Admin CP in vBulletin 5.6.3 allows XSS via the admincp/search.php?do=dosearch URI. | ||||
| CVE-2020-25119 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 4.8 Medium |
| The Admin CP in vBulletin 5.6.3 allows XSS via a Title of a Child Help Item in the Login/Logoff part of the User Manual. | ||||
| CVE-2020-25118 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 4.8 Medium |
| The Admin CP in vBulletin 5.6.3 allows XSS via a Style Options Settings Title to Styles Manager. | ||||
| CVE-2020-25117 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 4.8 Medium |
| The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title to User Title Manager. | ||||
| CVE-2020-25116 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 4.8 Medium |
| The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager. | ||||
| CVE-2020-25115 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 4.8 Medium |
| The Admin CP in vBulletin 5.6.3 allows XSS via an Occupation Title or Description to User Profile Field Manager. | ||||
| CVE-2020-25104 | 1 Eramba | 1 Eramba | 2024-11-21 | 5.4 Medium |
| eramba c2.8.1 and Enterprise before e2.19.3 allows XSS via a crafted filename for a file attached to an object. For example, the filename has a complete XSS payload followed by the .png extension. | ||||