Search Results (83756 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-20508 1 Shopkit Project 1 Shopkit 2024-11-21 6.1 Medium
Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field.
CVE-2020-20490 1 Libiec Iccp Mod Project 1 Libiec Iccp Mod 2024-11-21 7.5 High
A heap buffer-overflow in the client_example1.c component of libiec_iccp_mod v1.5 leads to a denial of service (DOS).
CVE-2020-20486 1 Iec104 Project 1 Iec104 2024-11-21 7.5 High
IEC104 v1.0 contains a stack-buffer overflow in the parameter Iec10x_Sta_Addr.
CVE-2020-20426 1 S-cms 1 S-cms 2024-11-21 6.1 Medium
S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in /function/booksave.php.
CVE-2020-20425 1 S-cms 1 S-cms 2024-11-21 6.1 Medium
S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in the search function.
CVE-2020-20406 1 Elementor 1 Elementor Page Builder 2024-11-21 5.4 Medium
A stored XSS vulnerability exists in the Custom Link Attributes control Affect function in Elementor Page Builder 2.9.2 and earlier versions. It is caused by inadequate filtering on the link custom attributes.
CVE-2020-20391 1 Get-simple 1 Getsimplecms 2024-11-21 5.4 Medium
Cross Site Scripting vulnerability in GetSimpleCMS 3.4.0a in admin/snippets.php via (1) Add Snippet and (2) Save snippets.
CVE-2020-20389 1 Get-simple 1 Getsimplecms 2024-11-21 4.8 Medium
Cross Site Scripting (XSS) vulnerability in GetSimpleCMS 3.4.0a in admin/edit.php.
CVE-2020-20363 1 Pbootcms 1 Pbootcms 2024-11-21 4.8 Medium
Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php.
CVE-2020-20349 1 Wtcms Project 1 Wtcms 2024-11-21 5.4 Medium
WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link address field under the background links module.
CVE-2020-20348 1 Wtcms Project 1 Wtcms 2024-11-21 5.4 Medium
WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link field under the background menu management module.
CVE-2020-20347 1 Wtcms Project 1 Wtcms 2024-11-21 5.4 Medium
WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the source field under the article management module.
CVE-2020-20345 1 Wtcms Project 1 Wtcms 2024-11-21 5.4 Medium
WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the page management background which allows attackers to obtain cookies via a crafted payload entered into the search box.
CVE-2020-20344 1 Wtcms Project 1 Wtcms 2024-11-21 5.4 Medium
WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the keyword search function under the background articles module.
CVE-2020-20285 1 Zzcms 1 Zzcms 2024-11-21 5.4 Medium
There is a XSS in the user login page in zzcms 2019. Users can inject js code by the referer header via user/login.php
CVE-2020-20276 1 Troglobit 1 Uftpd 2024-11-21 9.8 Critical
An unauthenticated stack-based buffer overflow vulnerability in common.c's handle_PORT in uftpd FTP server versions 2.10 and earlier can be abused to cause a crash and could potentially lead to remote code execution.
CVE-2020-20267 1 Mikrotik 1 Routeros 2024-11-21 6.5 Medium
Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/resolver process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access.
CVE-2020-20266 1 Mikrotik 1 Routeros 2024-11-21 6.5 Medium
Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/dot1x process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
CVE-2020-20265 1 Mikrotik 1 Routeros 2024-11-21 6.5 Medium
Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /ram/pckg/wireless/nova/bin/wireless process. An authenticated remote attacker can cause a Denial of Service due via a crafted packet.
CVE-2020-20254 1 Mikrotik 1 Routeros 2024-11-21 6.5 Medium
Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).