CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (326423 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2020-23241	1 Cmsmadesimple	1 Cms Made Simple	2024-11-21	4.8 Medium
Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.14 in "Extra" via 'News > Article" feature.
CVE-2020-23240	1 Cmsmadesimple	1 Cms Made Simple	2024-11-21	4.8 Medium
Cross Site Scripting (XSS) vulnerablity in CMS Made Simple 2.2.14 via the Logic field in the Content Manager feature.
CVE-2020-23239	1 Textpattern	1 Textpattern	2024-11-21	4.8 Medium
Cross Site Scripting (XSS) vulnerability in Textpattern CMS 4.8.1 via Custom fields in the Menu Preferences feature.
CVE-2020-23238	1 Evo	1 Evolution Cms	2024-11-21	5.4 Medium
Cross Site Scripting (XSS) vulnerability in Evolution CMS 2.0.2 via the Document Manager feature.
CVE-2020-23234	1 Lavalite	1 Lavalite	2024-11-21	4.8 Medium
Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers, such as "ontoggle,".
CVE-2020-23226	2 Cacti, Debian	2 Cacti, Debian Linux	2024-11-21	6.1 Medium
Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, and (7) data_input.php.
CVE-2020-23219	1 Monstra	1 Monstra Cms	2024-11-21	8.8 High
Monstra CMS 3.0.4 allows attackers to execute arbitrary code via a crafted payload entered into the "Snippet content" field under the "Edit Snippet" module.
CVE-2020-23217	1 Phplist	1 Phplist	2024-11-21	5.4 Medium
A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add a list" field under the "Import Emails" module.
CVE-2020-23214	1 Phplist	1 Phplist	2024-11-21	5.4 Medium
A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Configure categories" field under the "Categorise Lists" module.
CVE-2020-23209	1 Phplist	1 Phplist	2024-11-21	5.4 Medium
A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "List Description" field under the "Edit A List" module.
CVE-2020-23208	1 Phplist	1 Phplist	2024-11-21	5.4 Medium
A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Send test" field under the "Start or continue campaign" module.
CVE-2020-23207	1 Phplist	1 Phplist	2024-11-21	5.4 Medium
A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Edit Values" field under the "Configure Attributes" module.
CVE-2020-23205	1 Monstra	1 Monstra Cms	2024-11-21	5.4 Medium
A stored cross site scripting (XSS) vulnerability in Monstra CMS version 3.0.4 allows attackers to execute arbitrary web scripts or HTML via crafted a payload entered into the "Site Name" field under the "Site Settings" module.
CVE-2020-23194	1 Phplist	1 Phplist	2024-11-21	5.4 Medium
A stored cross site scripting (XSS) vulnerability in the "Import Subscribers" feature in phplist 3.5.4 and below allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVE-2020-23192	1 Phplist	1 Phplist	2024-11-21	5.4 Medium
A stored cross site scripting (XSS) vulnerability in phplist 3.5.4 and below allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload in the "admin" parameter under the "Manage administrators" module.
CVE-2020-23190	1 Phplist	1 Phplist	2024-11-21	5.4 Medium
A stored cross site scripting (XSS) vulnerability in the "Import emails" module in phplist 3.5.4 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVE-2020-23185	1 Php-fusion	1 Php-fusion	2024-11-21	5.4 Medium
A stored cross site scripting (XSS) vulnerability in /administration/setting_security.php of PHP-Fusion 9.03.60 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVE-2020-23184	1 Php-fusion	1 Php-fusion	2024-11-21	5.4 Medium
A stored cross site scripting (XSS) vulnerability in /administration/settings_registration.php of PHP-Fusion 9.03.60 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Registration" field.
CVE-2020-23182	1 Php-fusion	1 Php-fusion	2024-11-21	5.4 Medium
The component /php-fusion/infusions/shoutbox_panel/shoutbox_archive.php in PHP-Fusion 9.03.60 allows attackers to redirect victim users to malicious websites via a crafted payload entered into the Shoutbox message panel.
CVE-2020-23181	1 Php-fusion	1 Php-fusion	2024-11-21	5.4 Medium
A reflected cross site scripting (XSS) vulnerability in /administration/theme.php of PHP-Fusion 9.03.60 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Manage Theme" field.

« first previous Page 13068 of 16322. next last »