|
208921
|
8.0 |
HIGH
Network
|
taotesting
|
tao_assessment_platform
|
TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a HTML injection vulnerability in the userFirstName parameter of the user account input field. This vulnerability allows atta…
|
CWE-74
Injection
|
CVE-2020-23050
|
2024-11-21 14:13 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208922
|
5.4 |
MEDIUM
Network
|
fork-cms
|
fork_cms
|
Fork CMS Content Management System v5.8.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the `Displayname` field when using the `Add`, `Edit` or `Register' functions. This vu…
|
CWE-79
Cross-site Scripting
|
CVE-2020-23049
|
2024-11-21 14:13 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208923
|
6.1 |
MEDIUM
Network
|
seeddms
|
seeddms
|
SeedDMS Content Management System v6.0.7 contains a persistent cross-site scripting (XSS) vulnerability in the component AddEvent.php via the name and comment parameters.
|
CWE-79
Cross-site Scripting
|
CVE-2020-23048
|
2024-11-21 14:13 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208924
|
6.1 |
MEDIUM
Network
|
macs_cms_project
|
macs_cms
|
Macrob7 Macs Framework Content Management System - 1.14f was discovered to contain a cross-site scripting (XSS) vulnerability in the search input field of the search module.
|
CWE-79
Cross-site Scripting
|
CVE-2020-23047
|
2024-11-21 14:13 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208925
|
6.1 |
MEDIUM
Network
|
dedecms
|
dedecms
|
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component tpl.php via the `filename`, `mid`, `userid`, and `templet' parameters.
|
CWE-79
Cross-site Scripting
|
CVE-2020-23046
|
2024-11-21 14:13 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208926
|
7.2 |
HIGH
Network
|
macs_cms_project
|
macs_cms
|
Macrob7 Macs Framework Content Management System - 1.14f was discovered to contain a SQL injection vulnerability via the 'roleId' parameter of the `editRole` and `deletUser` modules.
|
CWE-89
SQL Injection
|
CVE-2020-23045
|
2024-11-21 14:13 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208927
|
5.4 |
MEDIUM
Network
|
dedecms
|
dedecms
|
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_pic_view.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor`…
|
CWE-79
Cross-site Scripting
|
CVE-2020-23044
|
2024-11-21 14:13 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208928
|
8.8 |
HIGH
Network
|
air_sender_project
|
air_sender
|
Tran Tu Air Sender v1.0.2 was discovered to contain an arbitrary file upload vulnerability in the upload module. This vulnerability allows attackers to execute arbitrary code via a crafted file.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-23043
|
2024-11-21 14:13 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208929
|
6.1 |
MEDIUM
Network
|
dropouts
|
super_backup
|
Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability in the path parameter of the `list` and `download` module. This vulnerability allows…
|
CWE-79
Cross-site Scripting
|
CVE-2020-23042
|
2024-11-21 14:13 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208930
|
6.1 |
MEDIUM
Network
|
dropouts
|
air_share
|
Dropouts Technologies LLP Air Share v1.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the path parameter of the `list` and `download` exception-handling. This vulnerability…
|
CWE-79
Cross-site Scripting
|
CVE-2020-23041
|
2024-11-21 14:13 |
2021-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
