Search
Search Results (45352 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-20527 | 1 Igniterealtime | 1 Openfire | 2024-11-21 | 6.1 Medium |
| Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp serverURL parameter. | ||||
| CVE-2019-20526 | 1 Igniterealtime | 1 Openfire | 2024-11-21 | 6.1 Medium |
| Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp password parameter. | ||||
| CVE-2019-20525 | 1 Igniterealtime | 1 Openfire | 2024-11-21 | 6.1 Medium |
| Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp driver parameter. | ||||
| CVE-2019-20524 | 1 Ilch | 1 Ilch Cms | 2024-11-21 | 6.1 Medium |
| ilchCMS 2.1.23 allows XSS via the index.php/partner/index Banner parameter. | ||||
| CVE-2019-20523 | 1 Ilch | 1 Ilch Cms | 2024-11-21 | 6.1 Medium |
| ilchCMS 2.1.23 allows XSS via the index.php/partner/index Name parameter. | ||||
| CVE-2019-20522 | 1 Ilch | 1 Ilch Cms | 2024-11-21 | 6.1 Medium |
| ilchCMS 2.1.23 allows XSS via the index.php/partner/index Link parameter. | ||||
| CVE-2019-20521 | 1 Frappe | 1 Erpnext | 2024-11-21 | 6.1 Medium |
| ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the api/ URI. | ||||
| CVE-2019-20520 | 1 Frappe | 1 Erpnext | 2024-11-21 | 6.1 Medium |
| ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the api/method/ URI. | ||||
| CVE-2019-20519 | 1 Frappe | 1 Erpnext | 2024-11-21 | 6.1 Medium |
| ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the user/ URI, as demonstrated by a crafted e-mail address. | ||||
| CVE-2019-20518 | 1 Frappe | 1 Erpnext | 2024-11-21 | 6.1 Medium |
| ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the project/ URI. | ||||
| CVE-2019-20517 | 1 Frappe | 1 Erpnext | 2024-11-21 | 6.1 Medium |
| ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the contact/ URI. | ||||
| CVE-2019-20516 | 1 Frappe | 1 Erpnext | 2024-11-21 | 6.1 Medium |
| ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the blog/ URI. | ||||
| CVE-2019-20515 | 1 Frappe | 1 Erpnext | 2024-11-21 | 6.1 Medium |
| ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the addresses/ URI. | ||||
| CVE-2019-20514 | 1 Frappe | 1 Erpnext | 2024-11-21 | 6.1 Medium |
| ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the address/ URI. | ||||
| CVE-2019-20513 | 1 Edx | 1 Open Edx | 2024-11-21 | 6.1 Medium |
| Open edX Ironwood.1 allows support/certificates?user= reflected XSS. | ||||
| CVE-2019-20512 | 1 Open.edx | 1 Ironwood | 2024-11-21 | 6.1 Medium |
| Open edX Ironwood.1 allows support/certificates?course_id= reflected XSS. | ||||
| CVE-2019-20511 | 1 Frappe | 1 Erpnext | 2024-11-21 | 6.1 Medium |
| ERPNext 11.1.47 allows blog?blog_category= Frame Injection. | ||||
| CVE-2019-20497 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.4 Medium |
| cPanel before 82.0.18 allows stored XSS via WHM Backup Restoration (SEC-533). | ||||
| CVE-2019-20493 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.1 Medium |
| cPanel before 82.0.18 allows self-XSS because JSON string escaping is mishandled (SEC-520). | ||||
| CVE-2019-20486 | 1 Netgear | 2 Wnr1000, Wnr1000 Firmware | 2024-11-21 | 6.1 Medium |
| An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple pages (setup.cgi and adv_index.htm) within the web management console are vulnerable to stored XSS, as demonstrated by the configuration of the UI language. | ||||