Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-79
Total 39597 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-23754 1 Php-fusion 1 Phpfusion 2024-11-21 6.8 MEDIUM 9.6 CRITICAL
Cross Site Scripting (XSS) vulnerability in infusions/member_poll_panel/poll_admin.php in PHP-Fusion 9.03.50, allows attackers to execute arbitrary code, via the polls feature.
CVE-2020-23721 1 Thedaylightstudio 1 Fuel Cms 2024-11-21 3.5 LOW 5.4 MEDIUM
An issue was discovered in FUEL CMS V1.4.7. An attacker can use a XSS payload and bypass a filter via /fuelCM/fuel/pages/edit/1?lang=english.
CVE-2020-23719 1 Zibbs Project 1 Zibbs 2024-11-21 6.8 MEDIUM 9.6 CRITICAL
Cross site scripting (XSS) vulnerability in application/controllers/AdminController.php in xujinliang zibbs 1.0, allows attackers to execute arbitrary code via the bbsmeta parameter.
CVE-2020-23718 1 Zibbs Project 1 Zibbs 2024-11-21 6.8 MEDIUM 9.6 CRITICAL
Cross site scripting (XSS) vulnerability in xujinliang zibbs 1.0, allows attackers to execute arbitrary code via the route parameter to index.php.
CVE-2020-23710 1 Limesurvey 1 Limesurvey 2024-11-21 3.5 LOW 5.4 MEDIUM
Cross Site Scripting (XSS) vulneraiblity in LimeSurvey 4.2.5 on textbox via the Notifications & data feature.
CVE-2020-23702 1 Php-fusion 1 Php-fusion 2024-11-21 3.5 LOW 4.8 MEDIUM
Cross Site Scripting (XSS) vulnerability in PHP-Fusion 9.03.60 via 'New Shout' in /infusions/shoutbox_panel/shoutbox_admin.php.
CVE-2020-23700 1 Lavalite 1 Lavalite 2024-11-21 3.5 LOW 4.8 MEDIUM
Cross Site Scripting (XSS) vulnerability in LavaLite-CMS 5.8.0 via the Menu Links feature.
CVE-2020-23697 1 Monstra 1 Monstra Cms 2024-11-21 3.5 LOW 5.4 MEDIUM
Cross Site Scripting vulnerabilty in Monstra CMS 3.0.4 via the page feature in admin/index.php.
CVE-2020-23689 1 Yfcmf 1 Yfcmf 2024-11-21 3.5 LOW 4.8 MEDIUM
In YFCMF v2.3.1, there is a stored XSS vulnerability in the comments section of the news page.
CVE-2020-23660 1 Webtareas Project 1 Webtareas 2024-11-21 3.5 LOW 5.4 MEDIUM
webTareas v2.1 is affected by Cross Site Scripting (XSS) on "Search."
CVE-2020-23659 1 Webport 1 Web Port 2024-11-21 3.5 LOW 5.4 MEDIUM
WebPort-v1.19.17121 is affected by Cross Site Scripting (XSS) on the "connections" feature.
CVE-2020-23658 1 Php-fusion 1 Php-fusion 2024-11-21 3.5 LOW 5.4 MEDIUM
PHP-Fusion 9.03.60 is affected by Cross Site Scripting (XSS) via infusions/member_poll_panel/poll_admin.php.
CVE-2020-23657 1 Naviwebs 1 Navigatecms 2024-11-21 3.5 LOW 5.4 MEDIUM
NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "Configuration."
CVE-2020-23656 1 Naviwebs 1 Navigatecms 2024-11-21 3.5 LOW 5.4 MEDIUM
NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "Content."
CVE-2020-23655 1 Naviwebs 1 Navigatecms 2024-11-21 3.5 LOW 5.4 MEDIUM
NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "Configuration."
CVE-2020-23654 1 Naviwebs 1 Navigatecms 2024-11-21 3.5 LOW 5.4 MEDIUM
NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) via the module "Shop."
CVE-2020-23644 1 Jizhicms 1 Jizhicms 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
XSS exists in JIZHICMS 1.7.1 via index.php/Error/index?msg={XSS] to Home/c/ErrorController.php.
CVE-2020-23643 1 Jizhicms 1 Jizhicms 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
XSS exists in JIZHICMS 1.7.1 via index.php/Wechat/checkWeixin?signature=1&echostr={XSS] to Home/c/WechatController.php.
CVE-2020-23618 1 Xtendtech 1 Voice Logger 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
A reflected cross site scripting (XSS) vulnerability in Xtend Voice Logger 1.0 allows attackers to execute arbitrary web scripts or HTML, via the path of the error page.
CVE-2020-23617 1 Totolink 4 N100re, N100re Firmware, N200re and 1 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
A cross site scripting (XSS) vulnerability in the error page of Totolink N200RE and N100RE Routers 2.0 allows attackers to execute arbitrary web scripts or HTML via SCRIPT element.