CWE:
 

Topic
Date
Author
Low
OpenCart 3.0.3.6 Cross Site Scripting
24.11.2020
Hemant Patidar
Low
nopCommerce Store 4.30 Cross Site Scripting
24.11.2020
Hemant Patidar
Low
LifeRay 7.2.1 GA2 Cross Site Scripting
23.11.2020
3ndG4me
Low
Super Store Finder 3.3 Cross Site Scripting
23.11.2020
Eagle Eye
Low
Sokrates SOWA SowaSQL Cross Site Scripting
22.11.2020
Marek Holka
Low
Wonder CMS 3.1.3 Cross Site Scripting
22.11.2020
Hemant Patidar
Low
PESCMS TEAM 2.3.2 Cross Site Scripting
21.11.2020
icekam
Low
Vtiger CRM 7.0 Cross Site Scripting
21.11.2020
Benjamin Kunz Mejri
Low
Touchbase.io 1.10 Stored Cross Site Scripting
21.11.2020
Simran Sankhala
Low
WordPress WP Forms 1.6.3.1 Cross SIte Scripting
19.11.2020
ZwX
Low
Nagios Log Server 2.1.7 Persistent Cross-Site Scripting
19.11.2020
Emre ÖVÜNÇ
Low
Kaa IoT Platform 1.2.0 Cross Site Scripting
16.11.2020
Mufaddal Masalawala
Low
SugarCRM 6.5.18 Cross Site Scripting
16.11.2020
Benjamin Kunz Mejri
Low
WordPress Buddypress 6.2.0 Cross Site Scripting
16.11.2020
Vulnerability lab
Med.
Froxlor 0.10.16 Cross Site Scripting
16.11.2020
Benjamin Kunz Mejri
Low
MailDepot 2033 2.3.3022 Cross Site Scripting
16.11.2020
Micha Borrmann
Low
Best Support System v3.0.5 - Authenticated Persistent XSS
12.11.2020
Ex.Mi
Low
Quick Chat plugin v4.14 - Unauthenticated Persistent XSS
12.11.2020
Ex.Mi
Low
Customer Support System 1.0 Cross Site Scripting
11.11.2020
Ahmed Abbas
Low
ShoreTel Conferencing 19.46.1802.0 Cross Site Scripting
10.11.2020
Joe Helle
Low
Altair WordPress theme v4.8 - Unauthenticated Reflected XSS
10.11.2020
Ex.Mi
Low
Love Travel WordPress theme v3.8 - Unauthenticated Reflected XSS
10.11.2020
Ex.Mi
Low
Love Travel WordPress theme v1.9 - Unauthenticated Reflected XSS
10.11.2020
Ex.Mi
Low
Joplin 1.2.6 link Cross Site Scripting
09.11.2020
Philip Holbrook
Med.
Joomla JVTwitter - SQL Injection & XSS Vulnerabilities
07.11.2020
Gh05t666nero
Low
Fairness Web ID - Cross Site Scripting
06.11.2020
Gh05t666nero
Low
BlogEngine 3.3.8 Content Stored XSS
06.11.2020
Andrey Stoykov
Low
Multi Restaurant Table Reservation System 1.0 Cross Site Scripting
02.11.2020
yunaranyancat
Low
Agent Tesla Botnet Cross Site Scripting
31.10.2020
n4pst3r
Low
CSE Bookstore 1.0 Cross Site Scripting
31.10.2020
Vyshnav NK
Low
DedeCMS 5.8 Cross Site Scripting
31.10.2020
Noth
Low
Point Of Sales 1.0 Cross Site Scripting
30.10.2020
Ankita Pal
Low
PDW File Browser 1.3 new_filename Cross-Site Scripting (XSS)
30.10.2020
David Bimmel
Low
Lot Reservation Management System 1.0 Cross Site Scripting
29.10.2020
Ankita Pal
Low
Mailman 2.1.23 Cross Site Scripting
29.10.2020
Valerio Alessandroni
Low
Real Estate 7 WordPress theme v3.0.4 - Unauthenticated Reflected XSS
28.10.2020
Ex.Mi
Low
Pinky Chat v1.1 - Unauthenticated Persistent XSS
28.10.2020
Ex.Mi
Low
Genexis Platinum-4410 SSID Persistent XSS
26.10.2020
Amal Mohandas
Low
INLISLite v3.1 - Cross Site Scripting
24.10.2020
Gh05t666nero
Low
Online Discussion Forum Site 1.0 XSS in Messaging System
22.10.2020
j5oh
Low
WordPress Colorbox Lightbox 1.1.1 Cross Site Scripting
22.10.2020
n1x_
Low
School Faculty Scheduling System 1.0 Cross Site Scripting
21.10.2020
Jyotsna Adhana
Low
Nagios XI 5.7.3 Cross Site Scripting
19.10.2020
Matthew Aberegg
High
OX App Suite / OX Documents 7.10.3 XSS / Server-Side Request Forgery
19.10.2020
Martin Heiland
Low
Online Job Portal 1.0 Cross Site Scripting
19.10.2020
Akiner Kisa
Low
strawpoll Xss Stored
18.10.2020
0xSilver
Low
Employee Management System 1.0 Cross Site Scripting
16.10.2020
Ankita Pal
High
Sage DPW 2020_06_000 / 2020_06_001 XSS / File Upload
13.10.2020
Gerhard Hechenberger
Low
DynPG 4.9.1 Cross Site Scripting
13.10.2020
Enes Ozeser
Low
Kentico CMS 9.0-12.0.49 Cross Site Scripting
13.10.2020
Ataberk Yavuzer
Low
Seat Reservation System 1.0 Cross Site Scripting
09.10.2020
George Tsimpidas
Low
Atlassian Products Cross Site Scripting
09.10.2020
Roman Ferdigg
Low
Jaringan Dokumentasi dan Informasi Hukum - Cross Site Scripting
09.10.2020
Gh05t666nero
Low
Kabupaten Kulonprogo - Cross Site Scripting
08.10.2020
Gh05t666nero
Low
Krpano Panorama Viewer 1.20.8 Cross Site Scripting
06.10.2020
Adriano Marcio Monteir...
Low
laravel - Cross-site Scripting (Reflected)
04.10.2020
Saud Al3nzi
Low
tarad CMS - XSS Vulnerability
04.10.2020
Mostafa Farzaneh
Low
Photo Share Website 1.0 Cross Site Scripting
03.10.2020
Augkim
Low
Typesetter CMS 5.1 Cross Site Scripting
01.10.2020
Alperen Ergel
Low
Qiata FTA 1.70.19 Cross Site Scripting
30.09.2020
Patrick Hener
High
Joplin 1.0.245 Cross Site Scripting / Code Execution
29.09.2020
Ademar Nowasky Junior
Low
Anchor CMS 0.12.7 Cross Site Scripting
25.09.2020
Sinem Sahin
Low
Visitor Management System In PHP 1.0 Cross Site Scripting
23.09.2020
Rahul Ramkumar
Low
Navy Federal Cross Site Scripting
19.09.2020
Arthrocyber
Low
Piwigo 2.10.1 Cross Site Scripting
17.09.2020
Iridium
Low
Cabot 0.11.12 Cross Site Scripting
08.09.2020
Abhiram V
Low
Grocy 2.7.1 Cross Site Scripting
08.09.2020
Mufaddal Masalawala
Low
Best Support System v3.0.4 - Authenticated Persistent XSS
05.09.2020
Ex.Mi
Med.
Red Lion N-Tron 702-W / 702M12-W 2.0.26 XSS / CSRF / Shell
05.09.2020
T. Weber
Low
Go CGI / FastCGI Transport Cross Site Scripting
02.09.2020
RedTeam
Low
Symphony CMS 3.0.0 Cross Site Scripting
30.08.2020
SunCSR
Low
Nagios Log Server 2.1.6 Cross Site Scripting
28.08.2020
Jinson Varghese Behana...
Low
LimeSurvey 4.3.10 Cross Site Scripting
25.08.2020
Matthew Aberegg
Low
Joomla Adagency 6.1.2 Cross Site Scripting
22.08.2020
Vincent666 ibn Winnie
Low
ElkarBackup 1.3.3 Cross Site Scripting
22.08.2020
Enes Özeser
Low
vBulletin 5.6.2 Persistent Cross Site Scripting
20.08.2020
Vincent666 ibn Winnie
Low
WordPress Colorbox Lightbox 1.1.2 Cross Site Scripting
18.08.2020
Melbin K Mathew
Low
XenForo 2.1.10 Patch 2 Cross Site Scripting
17.08.2020
Vincent666 ibn Winnie
Low
WordPress Fancybox Lightbox 1.0.1 Cross Site Scripting
17.08.2020
Melbin K Mathew
Low
WordPress Responsive Lightbox2 1.0.2 Cross Site Scripting
17.08.2020
Melbin K Mathew
Low
WordPress NextGen Gallery Sell Photo 1.0.5 Cross Site Scripting
17.08.2020
Melbin K Mathew
Low
Wordpress Easy Media Download 1.1.4 Cross Site Scripting
17.08.2020
Melbin K Mathew
Low
WordPress Sell Photo 1.0.5 Cross Site Scripting
15.08.2020
Melbin K Mathew
Low
vabase– Cross Site Scripting vulnerability (xss)
14.08.2020
Mostafa Farzaneh
Low
vBulletin 5.6.2 Cross Site Scripting
14.08.2020
Vincent666 ibn Winnie
Low
Tailor MS 1.0 Cross Site Scripting
11.08.2020
Bobby Cooke
Low
Mara CMS 7.5 Cross Site Scripting
04.08.2020
George Tsimpidas
Low
Gantt-Chart For Jira 5.5.4 Cross Site Scripting
04.08.2020
Sebastian Auwaerter
Low
Daily Tracker System 1.0 Cross Site Scripting
01.08.2020
hyd3sec
Low
Namirial SIGNificant SignAnyWhere 6.10.x Cross Site Scripting
31.07.2020
Philipp Espernberger
Med.
Konzept - Fullscreen Portfolio WordPress Theme v2.3 - Unauthenticated Reflected XSS
30.07.2020
Vlad Vector
Low
WordPress Maintenance Mode By SeedProd 5.1.1 Cross Site Scripting
30.07.2020
Jinson Varghese Behana...
Low
Virtual Airlines Manager 2.6.2 Persistent Cross-Site Scripting
27.07.2020
Peter Blue
Low
FoodBakery | Food Delivery Restaurant Directory WordPress Theme v1.9 - Unauthenticated Reflected XSS
27.07.2020
Vlad Vector
Low
Geo Magazine | Modern Responsive Newspaper | News Portal WordPress Theme v2.0 - Unauthenticated Reflected XSS
27.07.2020
Vlad Vector
Low
Home Villas | Real Estate WordPress Theme v2.2 - Multiple Vulnerabilities
27.07.2020
Vlad Vector
Med.
JobCareer | Job Board Responsive WordPress Theme v3.4 - Multiple Vulnerabilities
27.07.2020
Vlad Vector
Low
JobSearch WP Job Board WordPress Plugin v1.5.4 - Unauthenticated Reflected XSS
25.07.2020
Vlad Vector
Med.
Careerfy - Job Board WordPress Theme v4.3.0 - Unauthenticated Reflected XSS
25.07.2020
Vlad Vector
Low
Docsify.js 4.11.4 Cross Site Scripting
23.07.2020
Amin Sharifi


CVEMAP Search Results

CVE
Details
Description
2020-11-23
Waiting for details
CVE-2020-26239

Updating...
 

 
Scratch Addons is a WebExtension that supports both Chrome and Firefox. Scratch Addons before version 1.3.2 is vulnerable to DOM-based XSS. If the victim visited a specific website, the More Links addon of the Scratch Addons extension used incorrect regular expression which caused the HTML-escaped values to be unescaped, leading to XSS. Scratch Addons version 1.3.2 fixes the bug. The extension will be automatically updated by the browser. More Links addon can be disabled via the option of the extension.

 
Waiting for details
CVE-2020-26227

Updating...
 

 
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.23 and 10.4.10 the system extension Fluid (typo3/cms-fluid) of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers. Update to TYPO3 versions 9.5.23 or 10.4.10 that fix the problem described.

 
2020-11-19
Low
CVE-2020-22394

Vendor: Yzmcms
Software: Yzmcms
 

 
In YzmCMS v5.5 the member contribution function in the editor contains a cross-site scripting (XSS) vulnerability.

 
Waiting for details
CVE-2020-28210

Updating...
 

 
A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability exists in EcoStruxure Building Operation WebStation V2.0 - V3.1 that could cause an attacker to inject HTML and JavaScript code into the user's browser.

 
Waiting for details
CVE-2020-7570

Updating...
 

 
A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting Stored) vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and achieve a Cross-Site Scripting stored attack against other WebReport users.

 
Waiting for details
CVE-2020-7571

Updating...
 

 
A CWE-79 Multiple Improper Neutralization of Input During Web Page Generation (Cross-site Scripting Reflected) vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote attacker to inject arbitrary web script or HTML due to incorrect sanitization of user supplied data and achieve a Cross-Site Scripting reflected attack against other WebReport users.

 
2020-11-18
Low
CVE-2020-14208

Vendor: Salesagility
Software: Suitecrm
 

 
SuiteCRM 7.11.13 is affected by stored Cross-Site Scripting (XSS) in the Documents preview functionality. This vulnerability could allow remote authenticated attackers to inject arbitrary web script or HTML.

 
2020-11-17
Low
CVE-2020-11860

Vendor: Microfocus
Software: Arcsight logger
 

 
Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS)

 
Low
CVE-2020-25832

Vendor: Microfocus
Software: FILR
 

 
Reflected Cross Site scripting vulnerability on Micro Focus Filr product, affecting version 4.2.1. The vulnerability could be exploited to perform Reflected XSS attack.

 
Low
CVE-2020-25833

Vendor: Microfocus
Software: IDOL
 

 
Persistent cross-Site Scripting vulnerability on Micro Focus IDOL product, affecting all version prior to version 12.7. The vulnerability could be exploited to perform Persistent XSS attack.

 

 


Copyright 2020, cxsecurity.com

 

Back to Top