|
201441
|
6.1 |
MEDIUM
Network
|
dedecms
|
dedecms
|
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component sys_admin_user_edit.php via the `filename`, `mid`, `userid`, and `templet' parameters.
|
CWE-79
Cross-site Scripting
|
CVE-2020-36496
|
2024-11-21 14:29 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201442
|
6.1 |
MEDIUM
Network
|
dedecms
|
dedecms
|
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_manage_view.php via the `filename`, `mid`, `userid`, and `templet' parameters.
|
CWE-79
Cross-site Scripting
|
CVE-2020-36495
|
2024-11-21 14:29 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201443
|
6.1 |
MEDIUM
Network
|
dedecms
|
dedecms
|
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component mychannel_edit.php via the `filename`, `mid`, `userid`, and `templet' parameters.
|
CWE-79
Cross-site Scripting
|
CVE-2020-36494
|
2024-11-21 14:29 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201444
|
5.4 |
MEDIUM
Network
|
dedecms
|
dedecms
|
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component media_main.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` an…
|
CWE-79
Cross-site Scripting
|
CVE-2020-36493
|
2024-11-21 14:29 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201445
|
5.4 |
MEDIUM
Network
|
dedecms
|
dedecms
|
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component select_media.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` …
|
CWE-79
Cross-site Scripting
|
CVE-2020-36492
|
2024-11-21 14:29 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201446
|
5.4 |
MEDIUM
Network
|
dedecms
|
dedecms
|
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component tags_main.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and…
|
CWE-79
Cross-site Scripting
|
CVE-2020-36491
|
2024-11-21 14:29 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201447
|
5.4 |
MEDIUM
Network
|
dedecms
|
dedecms
|
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_manage_view.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEdit…
|
CWE-79
Cross-site Scripting
|
CVE-2020-36490
|
2024-11-21 14:29 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201448
|
5.4 |
MEDIUM
Network
|
dropouts
|
air_share
|
Dropouts Technologies LLP Air Share v1.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the devicename parameter. This vulnerability allows attackers to execute arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2020-36489
|
2024-11-21 14:29 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201449
|
6.5 |
MEDIUM
Network
|
sky_file_project
|
sky_file
|
An issue in the FTP server of Sky File v2.1.0 allows attackers to perform directory traversal via `/null//` path commands.
|
CWE-22
Path Traversal
|
CVE-2020-36488
|
2024-11-21 14:29 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201450
|
6.1 |
MEDIUM
Network
|
swiftfiletransfer
|
swift_file_transfer
|
Swift File Transfer Mobile v1.1.2 and below was discovered to contain a cross-site scripting (XSS) vulnerability via the 'path' parameter of the 'list' and 'download' exception-handling.
|
CWE-79
Cross-site Scripting
|
CVE-2020-36486
|
2024-11-21 14:29 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
