Export limit exceeded: 363331 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363331 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-18698 | 1 Talelin | 1 Lin-cms-flask | 2024-11-21 | 9.8 Critical |
| Improper Authentication in Lin-CMS-Flask v0.1.1 allows remote attackers to launch brute force login attempts without restriction via the 'login' function in the component 'app/api/cms/user.py'. | ||||
| CVE-2020-18694 | 1 Ignitedcms | 1 Ignitedcms | 2024-11-21 | 8.8 High |
| Cross Site Request Forgery (CSRF) in IgnitedCMS v1.0 allows remote attackers to obtain sensitive information and gain privilege via the component "/admin/profile/save_profile". | ||||
| CVE-2020-18693 | 1 Mineweb | 1 Minewebcms | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) in MineWebCMS v1.7.0 allows remote attackers to execute arbitrary code by injecting malicious code into the 'Title' field of the component '/admin/news'. | ||||
| CVE-2020-18685 | 1 Atlassian | 1 Floodlight | 2024-11-21 | 9.8 Critical |
| Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of unchecked prerequisites related to TCP or UDP ports, or group or table IDs. | ||||
| CVE-2020-18684 | 1 Atlassian | 1 Floodlight | 2024-11-21 | 9.8 Critical |
| Floodlight through 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java via priority or port number. | ||||
| CVE-2020-18683 | 1 Atlassian | 1 Floodlight | 2024-11-21 | 9.8 Critical |
| Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of undefined fields mishandling. | ||||
| CVE-2020-18671 | 1 Roundcube | 1 Webmail | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in Roundcube Mail <=1.4.4 via smtp config in /installer/test.php. | ||||
| CVE-2020-18670 | 1 Roundcube | 1 Webmail | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php. | ||||
| CVE-2020-18668 | 1 Webport | 1 Web Port | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerabililty in WebPort <=1.19.1 via the description parameter to script/listcalls. | ||||
| CVE-2020-18667 | 1 Webport | 1 Webport | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in WebPort <=1.19.1 via the new connection, parameter name in type-conn. | ||||
| CVE-2020-18665 | 1 Webport | 1 Web Port | 2024-11-21 | 5.3 Medium |
| Directory Traversal vulnerability in WebPort <=1.19.1 in tags of system settings. | ||||
| CVE-2020-18664 | 1 Webport | 1 Web Port | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in WebPort <=1.19.1via the connection name parameter in type-conn. | ||||
| CVE-2020-18663 | 1 Sir | 1 Gnuboard | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in gnuboard5 <=v5.3.2.8 via the act parameter in bbs/move_update.php. | ||||
| CVE-2020-18662 | 1 Sir | 1 Gnuboard | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in gnuboard5 <=v5.3.2.8 via the table_prefix parameter in install_db.php. | ||||
| CVE-2020-18661 | 1 Sir | 1 Gnuboard | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in gnuboard5 <=v5.3.2.8 via the url parameter to bbs/login.php. | ||||
| CVE-2020-18660 | 1 Get-simple | 1 Getsimplecms | 2024-11-21 | 6.1 Medium |
| GetSimpleCMS <=3.3.15 has an open redirect in admin/changedata.php via the redirect function to the url parameter. | ||||
| CVE-2020-18659 | 1 Get-simple | 1 Getsimplecms | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting vulnerability in GetSimpleCMS <=3.3.15 via the (1) sitename, (2) username, and (3) email parameters to /admin/setup.php | ||||
| CVE-2020-18658 | 1 Get-simple | 1 Getsimplecms | 2024-11-21 | 6.1 Medium |
| Cross Site Scriptiong (XSS) vulnerability in GetSimpleCMS <=3.3.15 via the timezone parameter to settings.php. | ||||
| CVE-2020-18657 | 1 Get-simple | 1 Getsimplecms | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in GetSimpleCMS <= 3.3.15 in admin/changedata.php via the redirect_url parameter and the headers_sent function. | ||||
| CVE-2020-18654 | 1 Wuzhicms | 1 Wuzhicms | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) in Wuzhi CMS v4.1.0 allows remote attackers to execute arbitrary code via the "Title" parameter in the component "/coreframe/app/guestbook/myissue.php". | ||||