CWE-79 CVEs and Security Vulnerabilities

Filtered by CWE-79

Search

Switch to Advanced Search (Beta)

Total 41175 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2020-20695	1 Gilacms	1 Gila Cms	2024-11-21	5.4 Medium
A stored cross-site scripting (XSS) vulnerability in GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file.
CVE-2020-20645	1 Eyoucms	1 Eyoucms	2024-11-21	5.4 Medium
Cross Site Scripting (XSS) vulnerability exists in EyouCMS1.3.6 in the basic_information area.
CVE-2020-20640	1 Shopex	1 Ecshop	2024-11-21	6.1 Medium
Cross Site Scripting (XSS) vulnerability in ECShop 4.0 due to security filtering issues, in the user.php file, we can use the html entity encoding to bypass the security policy of the safety.php file, triggering the xss vulnerability.
CVE-2020-20633	1 Cookielawinfo	1 Gdpr Cookie Consent	2024-11-21	5.4 Medium
ajax_policy_generator in admin/modules/cli-policy-generator/classes/class-policy-generator-ajax.php in GDPR Cookie Consent (cookie-law-info) 1.8.2 and below plugin for WordPress, allows authenticated stored XSS and privilege escalation.
CVE-2020-20628	1 Appsaloon	1 Wp-gdpr	2024-11-21	6.1 Medium
controller/controller-comments.php in WP GDPR plugin through 2.1.1 has unauthenticated stored XSS.
CVE-2020-20626	1 Lara\'s Google Analytics Project	1 Lara\'s Google Analytics	2024-11-21	5.4 Medium
lara-google-analytics.php in Lara Google Analytics plugin through 2.0.4 for WordPress allows authenticated stored XSS.
CVE-2020-20605	1 Personal Blog Cms Project	1 Personal Blog Cms	2024-11-21	6.1 Medium
Blog CMS v1.0 contains a cross-site scripting (XSS) vulnerability in the /controller/CommentAdminController.java component.
CVE-2020-20600	1 Metinfo	1 Metinfo	2024-11-21	5.4 Medium
MetInfo 7.0 beta contains a stored cross-site scripting (XSS) vulnerability in the $name parameter of admin/?n=column&c=index&a=doAddColumn.
CVE-2020-20598	1 Mossle	1 Lemon	2024-11-21	6.1 Medium
A cross-site scripting (XSS) vulnerability in the Editing component of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML.
CVE-2020-20597	1 Mossle	1 Lemon	2024-11-21	6.1 Medium
A cross-site scripting (XSS) vulnerability in the potrtalItemName parameter in \web\PortalController.java of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML.
CVE-2020-20584	1 Baigo	1 Baigo Cms	2024-11-21	6.1 Medium
A cross site scripting vulnerability in baigo CMS v4.0-beta-1 allows attackers to execute arbitrary web scripts or HTML via the form parameter post to /public/console/profile/info-submit/.
CVE-2020-20545	1 Seeyon	1 G6 Government Collaborative System	2024-11-21	5.4 Medium
Cross-Site Scripting (XSS) vulnerability in Zhiyuan G6 Government Collaboration System V6.1SP1, via the 'method' parameter to 'seeyon/hrSalary.do'.
CVE-2020-20523	1 Gilacms	1 Gila Cms	2024-11-21	6.1 Medium
Cross Site Scripting (XSS) vulnerability in adm_user parameter in Gila CMS version 1.11.3, allows remote attackers to execute arbitrary code during the Gila CMS installation.
CVE-2020-20508	1 Shopkit Project	1 Shopkit	2024-11-21	6.1 Medium
Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field.
CVE-2020-20426	1 S-cms	1 S-cms	2024-11-21	6.1 Medium
S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in /function/booksave.php.
CVE-2020-20425	1 S-cms	1 S-cms	2024-11-21	6.1 Medium
S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in the search function.
CVE-2020-20406	1 Elementor	1 Elementor Page Builder	2024-11-21	5.4 Medium
A stored XSS vulnerability exists in the Custom Link Attributes control Affect function in Elementor Page Builder 2.9.2 and earlier versions. It is caused by inadequate filtering on the link custom attributes.
CVE-2020-20391	1 Get-simple	1 Getsimplecms	2024-11-21	5.4 Medium
Cross Site Scripting vulnerability in GetSimpleCMS 3.4.0a in admin/snippets.php via (1) Add Snippet and (2) Save snippets.
CVE-2020-20389	1 Get-simple	1 Getsimplecms	2024-11-21	4.8 Medium
Cross Site Scripting (XSS) vulnerability in GetSimpleCMS 3.4.0a in admin/edit.php.
CVE-2020-20363	1 Pbootcms	1 Pbootcms	2024-11-21	4.8 Medium
Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php.

« first previous Page 1713 of 2059. next last »