Total
41785 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-20425 | 1 S-cms | 1 S-cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in the search function. | |||||
| CVE-2020-20406 | 1 Elementor | 1 Elementor Page Builder | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A stored XSS vulnerability exists in the Custom Link Attributes control Affect function in Elementor Page Builder 2.9.2 and earlier versions. It is caused by inadequate filtering on the link custom attributes. | |||||
| CVE-2020-20391 | 1 Get-simple | 1 Getsimplecms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting vulnerability in GetSimpleCMS 3.4.0a in admin/snippets.php via (1) Add Snippet and (2) Save snippets. | |||||
| CVE-2020-20389 | 1 Get-simple | 1 Getsimplecms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in GetSimpleCMS 3.4.0a in admin/edit.php. | |||||
| CVE-2020-20363 | 1 Pbootcms | 1 Pbootcms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php. | |||||
| CVE-2020-20349 | 1 Wtcms Project | 1 Wtcms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link address field under the background links module. | |||||
| CVE-2020-20348 | 1 Wtcms Project | 1 Wtcms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link field under the background menu management module. | |||||
| CVE-2020-20347 | 1 Wtcms Project | 1 Wtcms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the source field under the article management module. | |||||
| CVE-2020-20345 | 1 Wtcms Project | 1 Wtcms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the page management background which allows attackers to obtain cookies via a crafted payload entered into the search box. | |||||
| CVE-2020-20344 | 1 Wtcms Project | 1 Wtcms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the keyword search function under the background articles module. | |||||
| CVE-2020-20285 | 1 Zzcms | 1 Zzcms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| There is a XSS in the user login page in zzcms 2019. Users can inject js code by the referer header via user/login.php | |||||
| CVE-2020-20142 | 1 Flexmonster | 1 Pivot Table \& Charts | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in the "To Remote CSV" component under "Open" Menu in Flexmonster Pivot Table & Charts 2.7.17. | |||||
| CVE-2020-20141 | 1 Flexmonster | 1 Pivot Table \& Charts | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in the To OLAP (XMLA) component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17. | |||||
| CVE-2020-20140 | 1 Flexmonster | 1 Pivot Table \& Charts | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in Remote Report component under the Open menu in Flexmonster Pivot Table & Charts 2.7.17. | |||||
| CVE-2020-20139 | 1 Flexmonster | 1 Pivot Table \& Charts | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in the Remote JSON component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17. | |||||
| CVE-2020-20138 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in the Showtime2 Slideshow module in CMS Made Simple (CMSMS) 2.2.4. | |||||
| CVE-2020-20131 | 1 Laracms Project | 1 Laracms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows atackers to execute arbitrary web scripts or HTML via a crafted payload in the page management module. | |||||
| CVE-2020-20129 | 1 Laracms Project | 1 Laracms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content editor. | |||||
| CVE-2020-20125 | 1 Earclink | 1 Espcms-p8 | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| EARCLINK ESPCMS-P8 contains a cross-site scripting (XSS) vulnerability in espcms_web\espcms_load.php. | |||||
| CVE-2020-1949 | 1 Apache | 1 Sling Cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Scripts in Sling CMS before 0.16.0 do not property escape the Sling Selector from URLs when generating navigational elements for the administrative consoles and are vulnerable to reflected XSS attacks. | |||||