CVE-2020-28150
I-Net Software Clear Reports 20.10.136 web application accepts a user-controlled input that specifies a link to an external site, and uses the user supplied data in a Redirect. Devamını Oku
Devamını oku
CVE-2020-28149
myDBR 5.8.3/4262 is affected by: Cross Site Scripting (XSS). The impact is: execute arbitrary code (remote). The component is: CSRF Token. The attack vector is: CSRF token injection to XSS. Devamını Oku
CVE-2020-28146
Cross Site Scripting (XSS) vulnerability exists in Eyoucms v1.4.7 and earlier via the addonfieldext parameter. Devamını Oku
CVE-2020-28145
Arbitrary file deletion vulnerability was discovered in wuzhicms v 4.0.1 via coreframeappattachmentadminindex.php, which allows attackers to access sensitive information. Devamını Oku
CVE-2020-28141 (online_discussion_forum)
The messaging subsystem in the Online Discussion Forum 1.0 is vulnerable to XSS in the message body. An authenticated user can send messages to arbitrary users on the system that include javascript that will execute when viewing the messages page. Devamını Oku
CVE-2020-28141
The messaging subsystem in the Online Discussion Forum 1.0 is vulnerable to XSS in the message body. An authenticated user can send messages to arbitrary users on the system that include javascript that will execute when viewing the messages page. Devamını Oku
CVE-2020-28137 (platinum_4410_firmware)
Cross site request forgery (CSRF) in Genexis Platinum 4410 V2-1.28, allows attackers to cause a denial of service by continuously restarting the router. Devamını Oku
CVE-2020-28137
Cross site request forgery (CSRF) in Genexis Platinum 4410 V2-1.28, allows attackers to cause a denial of service by continuously restarting the router. Devamını Oku
CVE-2020-28124 (lavalite)
Cross Site Scripting (XSS) in LavaLite 5.8.0 via the Address field. Devamını Oku
CVE-2020-28124
Cross Site Scripting (XSS) in LavaLite 5.8.0 via the Address field. Devamını Oku
CVE-2020-28119 (53kf)
Cross site scripting vulnerability in 53KF < 2.0.0.2 that allows for arbitrary code to be executed via crafted HTML statement inserted into chat window. Devamını Oku
CVE-2020-28119
Cross site scripting vulnerability in 53KF < 2.0.0.2 that allows for arbitrary code to be executed via crafted HTML statement inserted into chat window. Devamını Oku