Export limit exceeded: 14186 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45820 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45820 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-22719 | 1 Shimo | 1 Document | 2024-11-21 | 5.4 Medium |
| Shimo Document v2.0.1 contains a cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the table content text field. | ||||
| CVE-2020-22609 | 1 Enhancesoft | 1 Osticket | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter in include/class.queue.php. | ||||
| CVE-2020-22608 | 1 Enhancesoft | 1 Osticket | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter to include/ajax.search.php. | ||||
| CVE-2020-22607 | 1 Limesurvey | 1 Limesurvey | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting vulnerabilty in LimeSurvey 4.1.11+200316 via the (1) name and (2) description parameters in application/controllers/admin/PermissiontemplatesController.php. | ||||
| CVE-2020-22481 | 1 Hack | 1 Hfish | 2024-11-21 | 6.1 Medium |
| An issue was discovered in HFish 0.5.1. When a payload is inserted where the password is entered, XSS code is triggered when the administrator views the information. | ||||
| CVE-2020-22453 | 1 Untis | 1 Webuntis | 2024-11-21 | 6.1 Medium |
| Untis WebUntis before 2020.9.6 allows XSS in multiple functions that store information. | ||||
| CVE-2020-22428 | 1 Solarwinds | 2 Serv-u Ftp Server, Serv-u Mft Server | 2024-11-21 | 4.8 Medium |
| SolarWinds Serv-U before 15.1.6 Hotfix 3 is affected by Cross Site Scripting (XSS) via a directory name (entered by an admin) containing a JavaScript payload. | ||||
| CVE-2020-22421 | 1 74cms | 1 74cms | 2024-11-21 | 6.1 Medium |
| 74CMS v6.0.4 was discovered to contain a cross-site scripting (XSS) vulnerability via /index.php?m=&c=help&a=help_list&key. | ||||
| CVE-2020-22394 | 1 Yzmcms | 1 Yzmcms | 2024-11-21 | 6.1 Medium |
| In YzmCMS v5.5 the member contribution function in the editor contains a cross-site scripting (XSS) vulnerability. | ||||
| CVE-2020-22392 | 1 Intelliants | 1 Subrion Cms | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.2 when adding a blog and then editing an image file. | ||||
| CVE-2020-22330 | 1 Intelliants | 1 Subrion | 2024-11-21 | 6.1 Medium |
| Cross-Site Scripting (XSS) vulnerability in Subrion 4.2.1 via the title when adding a page. | ||||
| CVE-2020-22312 | 1 Hznuoj Project | 1 Hznuoj | 2024-11-21 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability was discovered in the OJ/admin-tool /cal_scores.php function of HZNUOJ v1.0. | ||||
| CVE-2020-22251 | 1 Phplist | 1 Phplist | 2024-11-21 | 4.8 Medium |
| Cross Site Scripting (XSS) vulnerability in phpList 3.5.3 via the login name field in Manage Administrators when adding a new admin. | ||||
| CVE-2020-22224 | 1 Phpjabbers | 1 Fundraising Script | 2024-11-21 | 6.1 Medium |
| Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the pjActionPreview function. | ||||
| CVE-2020-22222 | 1 Phpjabbers | 1 Fundraising Script | 2024-11-21 | 6.1 Medium |
| Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the pjActionLoadCss function. | ||||
| CVE-2020-22181 | 1 Samsung | 2 Sww-3400rw, Sww-3400rw Firmware | 2024-11-21 | 6.1 Medium |
| A reflected cross site scripting (XSS) vulnerability was discovered on Samsung sww-3400rw Router devices via the m2 parameter of the sess-bin/command.cgi | ||||
| CVE-2020-22167 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.4 Medium |
| PHPGurukul Hospital Management System in PHP v4.0 has a Persistent Cross-Site Scripting vulnerability in \hms\admin\appointment-history.php. Remote registered users can exploit the vulnerability to obtain user cookie data. | ||||
| CVE-2020-22158 | 1 Mediakind | 2 Rx8200, Rx8200 Firmware | 2024-11-21 | 6.1 Medium |
| MediaKind (formerly Ericsson) RX8200 5.13.3 devices are vulnerable to multiple reflected and stored XSS. An attacker has to inject JavaScript code directly in the "path" or "Services+ID" parameters and send the URL to a user in order to exploit reflected XSS. In the case of stored XSS, an attacker must modify the "name" parameter with the malicious code. | ||||
| CVE-2020-22150 | 1 Piwigo | 1 Piwigo | 2024-11-21 | 6.1 Medium |
| A cross site scripting (XSS) vulnerability in /admin.php?page=permalinks of Piwigo 2.10.1 allows attackers to execute arbitrary web scripts or HTML. | ||||
| CVE-2020-22148 | 1 Piwigo | 1 Piwigo | 2024-11-21 | 6.1 Medium |
| A stored cross site scripting (XSS) vulnerability in /admin.php?page=tags of Piwigo 2.10.1 allows attackers to execute arbitrary web scripts or HTML. | ||||