CVE-2020-19292 (jeesns)
A stored cross-site scripting (XSS) vulnerability in the /question/ask component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted…
Devamını oku
Kategori: NIST-Təhlükəsizlik Zəiflikləri
CVE-2020-19293 (jeesns)
A stored cross-site scripting (XSS) vulnerability in the /article/add component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted…
CVE-2020-19281 (jeesns)
A stored cross-site scripting (XSS) vulnerability in the /manage/loginusername component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted…
CVE-2020-19282 (jeesns)
A reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system…
CVE-2020-19283 (jeesns)
A reflected cross-site scripting (XSS) vulnerability in the /newVersion component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML. Devamını Oku
CVE-2020-19284 (jeesns)
A stored cross-site scripting (XSS) vulnerability in the /group/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted…
CVE-2020-19280
Jeesns 1.4.2 contains a cross-site request forgery (CSRF) which allows attackers to escalate privileges and perform sensitive program operations. Devamını Oku
CVE-2020-19264
A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows attackers to arbitrarily add users via index.php?s=/user/ApiAdminUser/itemAdd. Devamını Oku
CVE-2020-19265
A stored cross-site scripting (XSS) vulnerability in the index.php/Dswjcms/Basis/links component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML. Devamını Oku
CVE-2020-19266
A stored cross-site scripting (XSS) vulnerability in the index.php/Dswjcms/Site/articleList component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML. Devamını Oku