Search Results (83918 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-36551 1 Multi Restaurant Table Reservation System Project 1 Multi Restaurant Table Reservation System 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Item Name field to /dashboard/menu-list.php.
CVE-2020-36550 1 Multi Restaurant Table Reservation System Project 1 Multi Restaurant Table Reservation System 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Table Name field to /dashboard/table-list.php.
CVE-2020-36510 1 Codetipi 1 15zine 2024-11-21 6.1 Medium
The 15Zine WordPress theme before 3.3.0 does not sanitise and escape the cbi parameter before outputing it back in the response via the cb_s_a AJAX action, leading to a Reflected Cross-Site Scripting
CVE-2020-36502 1 Swiftfiletransfer 1 Swift File Transfer 2024-11-21 6.1 Medium
Swift File Transfer Mobile v1.1.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the devicename parameter which allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered as the device name itself.
CVE-2020-36501 1 Sugarcrm 1 Sugarcrm 2024-11-21 5.4 Medium
Multiple cross-site scripting (XSS) vulnerabilities in the Support module of SugarCRM v6.5.18 allows attackers to execute arbitrary web scripts or HTML via crafted payloads entered into the primary address state or alternate address state input fields.
CVE-2020-36499 1 Taotesting 1 Tao Assessment Platform 2024-11-21 5.4 Medium
TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a cross-site scripting (XSS) vulnerability in the content parameter of the Rubric Block (Add) module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the rubric name value.
CVE-2020-36498 1 Macrob7 Macs Framework Content Management System Project 1 Macrob7 Macs Framework Content Management System 2024-11-21 5.4 Medium
Macrob7 Macs Framework Content Management System - 1.14f contains a cross-site scripting (XSS) vulnerability in the account reset function, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the e-mail input field.
CVE-2020-36497 1 Dedecms 1 Dedecms 2024-11-21 6.1 Medium
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component makehtml_homepage.php via the `filename`, `mid`, `userid`, and `templet' parameters.
CVE-2020-36496 1 Dedecms 1 Dedecms 2024-11-21 6.1 Medium
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component sys_admin_user_edit.php via the `filename`, `mid`, `userid`, and `templet' parameters.
CVE-2020-36495 1 Dedecms 1 Dedecms 2024-11-21 6.1 Medium
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_manage_view.php via the `filename`, `mid`, `userid`, and `templet' parameters.
CVE-2020-36494 1 Dedecms 1 Dedecms 2024-11-21 6.1 Medium
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component mychannel_edit.php via the `filename`, `mid`, `userid`, and `templet' parameters.
CVE-2020-36493 1 Dedecms 1 Dedecms 2024-11-21 5.4 Medium
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component media_main.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
CVE-2020-36492 1 Dedecms 1 Dedecms 2024-11-21 5.4 Medium
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component select_media.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
CVE-2020-36491 1 Dedecms 1 Dedecms 2024-11-21 5.4 Medium
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component tags_main.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
CVE-2020-36490 1 Dedecms 1 Dedecms 2024-11-21 5.4 Medium
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_manage_view.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
CVE-2020-36489 1 Dropouts 1 Air Share 2024-11-21 5.4 Medium
Dropouts Technologies LLP Air Share v1.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the devicename parameter. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the devicename information.
CVE-2020-36486 4 Apple, Blackberry, Google and 1 more 4 Iphone Os, Blackberry Os, Android and 1 more 2024-11-21 6.1 Medium
Swift File Transfer Mobile v1.1.2 and below was discovered to contain a cross-site scripting (XSS) vulnerability via the 'path' parameter of the 'list' and 'download' exception-handling.
CVE-2020-36463 1 Multiqueue Project 1 Multiqueue 2024-11-21 8.1 High
An issue was discovered in the multiqueue crate through 2020-12-25 for Rust. There are unconditional implementations of Send for InnerSend<RW, T>, InnerRecv<RW, T>, FutInnerSend<RW, T>, and FutInnerRecv<RW, T>.
CVE-2020-36462 1 Syncpool Project 1 Syncpool 2024-11-21 8.1 High
An issue was discovered in the syncpool crate before 0.1.6 for Rust. There is an unconditional implementation of Send for Bucket2.
CVE-2020-36461 1 Noise Search Project 1 Noise Search 2024-11-21 8.1 High
An issue was discovered in the noise_search crate through 2020-12-10 for Rust. There are unconditional implementations of Send and Sync for MvccRwLock.