Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (42958 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-20908 1 Akaunting 1 Akaunting 2024-11-21 5.4 Medium
Akaunting v1.3.17 was discovered to contain a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Company Name input field.
CVE-2020-20808 1 Qibosoft 1 Qibosoft 2024-11-21 6.1 Medium
Cross Site Scripting vulnerability in Qibosoft qibosoft v.7 and before allows a remote attacker to execute arbitrary code via the eindtijd and starttijd parameters of do/search.php.
CVE-2020-20799 1 Jeecms 1 Jeecms 2024-11-21 5.4 Medium
JeeCMS 1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the commentText parameter.
CVE-2020-20781 1 Ucms Project 1 Ucms 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in /ucms/index.php?do=list_edit of UCMS 1.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the title, key words, description or content text fields.
CVE-2020-20701 1 S-cms 1 S-cms 2024-11-21 4.8 Medium
A stored cross site scripting (XSS) vulnerability in /app/config/of S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVE-2020-20700 1 S-cms 1 S-cms 2024-11-21 4.8 Medium
A stored cross site scripting (XSS) vulnerability in /app/form_add/of S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Title Entry text box.
CVE-2020-20699 1 S-cms 1 S-cms 2024-11-21 4.8 Medium
A cross site scripting (XSS) vulnerability in S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Copyright text box under Basic Settings.
CVE-2020-20696 1 Gilacms 1 Gila Cms 2024-11-21 5.4 Medium
A cross-site scripting (XSS) vulnerability in /admin/content/post of GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Tags field.
CVE-2020-20695 1 Gilacms 1 Gila Cms 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file.
CVE-2020-20645 1 Eyoucms 1 Eyoucms 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) vulnerability exists in EyouCMS1.3.6 in the basic_information area.
CVE-2020-20640 1 Shopex 1 Ecshop 2024-11-21 6.1 Medium
Cross Site Scripting (XSS) vulnerability in ECShop 4.0 due to security filtering issues, in the user.php file, we can use the html entity encoding to bypass the security policy of the safety.php file, triggering the xss vulnerability.
CVE-2020-20633 1 Cookielawinfo 1 Gdpr Cookie Consent 2024-11-21 5.4 Medium
ajax_policy_generator in admin/modules/cli-policy-generator/classes/class-policy-generator-ajax.php in GDPR Cookie Consent (cookie-law-info) 1.8.2 and below plugin for WordPress, allows authenticated stored XSS and privilege escalation.
CVE-2020-20628 1 Appsaloon 1 Wp-gdpr 2024-11-21 6.1 Medium
controller/controller-comments.php in WP GDPR plugin through 2.1.1 has unauthenticated stored XSS.
CVE-2020-20626 1 Lara\'s Google Analytics Project 1 Lara\'s Google Analytics 2024-11-21 5.4 Medium
lara-google-analytics.php in Lara Google Analytics plugin through 2.0.4 for WordPress allows authenticated stored XSS.
CVE-2020-20605 1 Personal Blog Cms Project 1 Personal Blog Cms 2024-11-21 6.1 Medium
Blog CMS v1.0 contains a cross-site scripting (XSS) vulnerability in the /controller/CommentAdminController.java component.
CVE-2020-20600 1 Metinfo 1 Metinfo 2024-11-21 5.4 Medium
MetInfo 7.0 beta contains a stored cross-site scripting (XSS) vulnerability in the $name parameter of admin/?n=column&c=index&a=doAddColumn.
CVE-2020-20598 1 Mossle 1 Lemon 2024-11-21 6.1 Medium
A cross-site scripting (XSS) vulnerability in the Editing component of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML.
CVE-2020-20597 1 Mossle 1 Lemon 2024-11-21 6.1 Medium
A cross-site scripting (XSS) vulnerability in the potrtalItemName parameter in \web\PortalController.java of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML.
CVE-2020-20584 1 Baigo 1 Baigo Cms 2024-11-21 6.1 Medium
A cross site scripting vulnerability in baigo CMS v4.0-beta-1 allows attackers to execute arbitrary web scripts or HTML via the form parameter post to /public/console/profile/info-submit/.
CVE-2020-20545 1 Seeyon 1 G6 Government Collaborative System 2024-11-21 5.4 Medium
Cross-Site Scripting (XSS) vulnerability in Zhiyuan G6 Government Collaboration System V6.1SP1, via the 'method' parameter to 'seeyon/hrSalary.do'.