|
209461
|
4.8 |
MEDIUM
Network
|
dell
|
wyse_management_suite
|
Dell Wyse Management Suite versions prior to 3.1 contain a stored cross-site scripting vulnerability. A remote authenticated malicious user with high privileges could exploit this vulnerability to st…
|
CWE-79
Cross-site Scripting
|
CVE-2020-29496
|
2024-11-21 14:24 |
2021-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209462
|
10.0 |
CRITICAL
Network
|
dell
|
wyse_thinos
|
Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to access the writable …
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-29492
|
2024-11-21 14:24 |
2021-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209463
|
8.6 |
HIGH
Network
|
dell
|
wyse_thinos
|
Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to the s…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-29491
|
2024-11-21 14:24 |
2021-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209464
|
4.8 |
MEDIUM
Network
|
invisioncommunity
|
community
|
Invision Community 4.5.4 is affected by cross-site scripting (XSS) in the Field Name field. This vulnerability can allow an attacker to inject the XSS payload in Field Name and each time any user wil…
|
CWE-79
Cross-site Scripting
|
CVE-2020-29477
|
2024-11-21 14:24 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209465
|
5.4 |
MEDIUM
Network
|
wondercms
|
wondercms
|
WonderCMS 3.1.3 is affected by cross-site scripting (XSS) in the Menu component. This vulnerability can allow an attacker to inject the XSS payload in the Setting - Menu and each time any user will v…
|
CWE-79
Cross-site Scripting
|
CVE-2020-29469
|
2024-11-21 14:24 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209466
|
9.8 |
CRITICAL
Network
|
rocket.chat
|
rocket.chat
|
Rocket.Chat before 0.74.4, 1.x before 1.3.4, 2.x before 2.4.13, 3.x before 3.7.3, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 mishandles SAML login.
|
NVD-CWE-noinfo
|
CVE-2020-29594
|
2024-11-21 14:24 |
2020-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209467
|
4.8 |
MEDIUM
Network
|
opencart
|
opencart
|
OpenCart 3.0.3.6 is affected by cross-site scripting (XSS) in the Profile Image. An admin can upload a profile image as a malicious code using JavaScript. Whenever anyone will see the profile picture…
|
CWE-79
Cross-site Scripting
|
CVE-2020-29471
|
2024-11-21 14:24 |
2020-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209468
|
4.8 |
MEDIUM
Network
|
opencart
|
opencart
|
OpenCart 3.0.3.6 is affected by cross-site scripting (XSS) in the Subject field of mail. This vulnerability can allow an attacker to inject the XSS payload in the Subject field of the mail and each t…
|
CWE-79
Cross-site Scripting
|
CVE-2020-29470
|
2024-11-21 14:24 |
2020-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209469
|
4.8 |
MEDIUM
Network
|
nopcommerce
|
store
|
nopCommerce Store 4.30 is affected by cross-site scripting (XSS) in the Schedule tasks name field. This vulnerability can allow an attacker to inject the XSS payload in Schedule tasks and each time a…
|
CWE-79
Cross-site Scripting
|
CVE-2020-29475
|
2024-11-21 14:24 |
2020-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209470
|
9.8 |
CRITICAL
Network
|
egavilanmedia
|
egm_address_book
|
EGavilan Media EGM Address Book 1.0 contains a SQL injection vulnerability. An attacker can gain Admin Panel access using malicious SQL injection queries to perform remote arbitrary code execution.
|
CWE-89
SQL Injection
|
CVE-2020-29474
|
2024-11-21 14:24 |
2020-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
