ID | Summary | Flags | Max Score |
---|---|---|---|
CVE-2020-23014 | APfell 1.4 is vulnerable to authenticated reflected cross-site scripting (XSS) in /apiui/command_ th... | E S | |
CVE-2020-23015 | An open redirect issue was discovered in OPNsense through 20.1.5. The redirect parameter "url" in lo... | E | |
CVE-2020-23026 | A NULL pointer dereference in the main() function dhry_1.c of dhrystone 2.1 causes a denial of servi... | | |
CVE-2020-23036 | MEDIA NAVI Inc SMACom v1.2 was discovered to contain an insecure session validation vulnerability in... | E | |
CVE-2020-23037 | Portable Ltd Playable v9.18 contains a code injection vulnerability in the filename parameter, which... | E | |
CVE-2020-23038 | Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vuln... | E | |
CVE-2020-23039 | Folder Lock v3.4.5 was discovered to contain a stored cross-site scripting (XSS) vulnerability in th... | E | |
CVE-2020-23040 | Sky File v2.1.0 contains a directory traversal vulnerability in the FTP server which allows attacker... | E | |
CVE-2020-23041 | Dropouts Technologies LLP Air Share v1.2 was discovered to contain a cross-site scripting (XSS) vuln... | E | |
CVE-2020-23042 | Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contain a cross-site scripting (XSS)... | E | |
CVE-2020-23043 | Tran Tu Air Sender v1.0.2 was discovered to contain an arbitrary file upload vulnerability in the up... | E | |
CVE-2020-23044 | DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in th... | E | |
CVE-2020-23045 | Macrob7 Macs Framework Content Management System - 1.14f was discovered to contain a SQL injection v... | E | |
CVE-2020-23046 | DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in th... | E | |
CVE-2020-23047 | Macrob7 Macs Framework Content Management System - 1.14f was discovered to contain a cross-site scri... | E | |
CVE-2020-23048 | SeedDMS Content Management System v6.0.7 contains a persistent cross-site scripting (XSS) vulnerabil... | E | |
CVE-2020-23049 | Fork CMS Content Management System v5.8.0 was discovered to contain a cross-site scripting (XSS) vul... | E | |
CVE-2020-23050 | TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a HTML injection vulnerabi... | E | |
CVE-2020-23051 | Phpgurukul User Registration & User Management System v2.0 was discovered to contain multiple stored... | E | |
CVE-2020-23052 | Catalyst IT Ltd Mahara CMS v19.10.2 was discovered to contain multiple cross-site scripting (XSS) vu... | E | |
CVE-2020-23054 | A cross-site scripting (XSS) vulnerability in NSK User Agent String Switcher Service v0.3.5 allows a... | E | |
CVE-2020-23055 | ANCOM WLAN Controller (Wireless Series & Hotspot) WLC-1000 & WLC-4006 was discovered to contain mult... | E | |
CVE-2020-23058 | An issue in the authentication mechanism in Nong Ge File Explorer v1.4 unauthenticated allows to acc... | E | |
CVE-2020-23060 | Internet Download Manager 6.37.11.1 was discovered to contain a stack buffer overflow in the Export/... | E | |
CVE-2020-23061 | Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contain an issue in the path paramet... | E | |
CVE-2020-23064 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-11023. Reason: This candidat... | R | |
CVE-2020-23065 | Cross Site Scripting vulnerability in eZ Systems AS eZPublish Platform v.5.4 and eZ Publish Legacy v... | | |
CVE-2020-23066 | Rejected reason: DO NOT USE THIS CVE ID NUMBER. Consult IDs: CVE-2020-17480. Reason: This CVE Record... | R | |
CVE-2020-23069 | Path Traversal vulnerability exists in webTareas 2.0 via the extpath parameter in general_serv.php, w... | E | |
CVE-2020-23079 | SSRF vulnerability in Halo <=1.3.2 exists in the SMTP configuration, which can detect the server int... | E | |
CVE-2020-23083 | Unrestricted File Upload in JEECG v4.0 and earlier allows remote attackers to execute arbitrary code... | E | |
CVE-2020-23109 | Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v... | E | |
CVE-2020-23126 | Chamilo LMS version 1.11.10 contains an XSS vulnerability in the personal profile edition form, affe... | S | |
CVE-2020-23127 | Chamilo LMS 1.11.10 is affected by Cross Site Request Forgery (CSRF) via the edit_user function by t... | E S | |
CVE-2020-23128 | Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions admin... | E S | |
CVE-2020-23129 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2020-23130 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2020-23136 | Microweber v1.1.18 is affected by no session expiry after log-out.... | | |
CVE-2020-23138 | An unrestricted file upload vulnerability was discovered in the Microweber 1.1.18 admin account page... | | |
CVE-2020-23139 | Microweber 1.1.18 is affected by broken authentication and session management. Local session hijacki... | | |
CVE-2020-23140 | Microweber 1.1.18 is affected by insufficient session expiration. When changing passwords, both sess... | | |
CVE-2020-23148 | The userLogin parameter in ldap/login.php of rConfig 3.9.5 is unsanitized, allowing attackers to per... | E | |
CVE-2020-23149 | The dbName parameter in ajaxDbInstall.php of rConfig 3.9.5 is unsanitized, allowing attackers to per... | E | |
CVE-2020-23150 | A SQL injection vulnerability in config.inc.php of rConfig 3.9.5 allows attackers to access sensitiv... | E | |
CVE-2020-23151 | rConfig 3.9.5 allows command injection by sending a crafted GET request to lib/ajaxHandlers/ajaxArch... | E | |
CVE-2020-23160 | Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated... | E | |
CVE-2020-23161 | Local file inclusion in Pyrescom Termod4 time management devices before 10.04k allows authenticated ... | E | |
CVE-2020-23162 | Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices bef... | E | |
CVE-2020-23171 | A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbit... | E | |
CVE-2020-23172 | A vulnerability in all versions of Kuba allows attackers to overwrite arbitrary files in arbitrary d... | E | |
CVE-2020-23178 | An issue exists in PHP-Fusion 9.03.50 where session cookies are not deleted once a user logs out, al... | E | |
CVE-2020-23179 | A stored cross site scripting (XSS) vulnerability in administration/settings_main.php of PHP-Fusion ... | E | |
CVE-2020-23181 | A reflected cross site scripting (XSS) vulnerability in /administration/theme.php of PHP-Fusion 9.03... | E | |
CVE-2020-23182 | The component /php-fusion/infusions/shoutbox_panel/shoutbox_archive.php in PHP-Fusion 9.03.60 allows... | E | |
CVE-2020-23184 | A stored cross site scripting (XSS) vulnerability in /administration/settings_registration.php of PH... | E | |
CVE-2020-23185 | A stored cross site scripting (XSS) vulnerability in /administration/setting_security.php of PHP-Fus... | E | |
CVE-2020-23190 | A stored cross site scripting (XSS) vulnerability in the "Import emails" module in phplist 3.5.4 all... | E S | |
CVE-2020-23192 | A stored cross site scripting (XSS) vulnerability in phplist 3.5.4 and below allows authenticated at... | E S | |
CVE-2020-23194 | A stored cross site scripting (XSS) vulnerability in the "Import Subscribers" feature in phplist 3.5... | E S | |
CVE-2020-23205 | A stored cross site scripting (XSS) vulnerability in Monstra CMS version 3.0.4 allows attackers to e... | E | |
CVE-2020-23207 | A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 allows attackers to execute arbit... | E S | |
CVE-2020-23208 | A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 allows attackers to execute arbit... | E S | |
CVE-2020-23209 | A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 allows attackers to execute arbit... | E | |
CVE-2020-23214 | A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 allows attackers to execute arbit... | E S | |
CVE-2020-23217 | A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 allows attackers to execute arbit... | E | |
CVE-2020-23219 | Monstra CMS 3.0.4 allows attackers to execute arbitrary code via a crafted payload entered into the ... | E | |
CVE-2020-23226 | Multiple Cross Site Scripting (XSS) vulnerabilities exist in Cacti 1.2.12 in (1) reports_admin.php,... | E | |
CVE-2020-23234 | Cross Site Scripting (XSS) vulnerability exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, wh... | E | |
CVE-2020-23238 | Cross Site Scripting (XSS) vulnerability in Evolution CMS 2.0.2 via the Document Manager feature.... | E | |
CVE-2020-23239 | Cross Site Scripting (XSS) vulnerability in Textpattern CMS 4.8.1 via Custom fields in the Menu Pref... | E | |
CVE-2020-23240 | Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.14 via the Logic field in the Content... | E | |
CVE-2020-23241 | Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.14 in "Extra" via 'News > Article" f... | E | |
CVE-2020-23242 | Cross Site Scripting (XSS) vulnerability in NavigateCMS 2.9 when performing a Create or Edit via the... | E | |
CVE-2020-23243 | Cross Site Scripting (XSS) vulnerability in NavigateCMS NavigateCMS 2.9 via the name="wrong_path_red... | E | |
CVE-2020-23249 | GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaintext.... | | |
CVE-2020-23250 | GigaVUE-OS (GVOS) 5.4 - 5.9 uses a weak algorithm for a hash stored in internal database.... | | |
CVE-2020-23255 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2020-23256 | An issue was discovered in Electerm 1.3.22, allows attackers to execute arbitrary code via unverifie... | E S | |
CVE-2020-23257 | Buffer Overflow vulnerability found in Espruino 2v05.41 allows an attacker to cause a denial of serv... | E | |
CVE-2020-23258 | An issue found in Jsish v.3.0.11 allows a remote attacker to cause a denial of service via the Jsi_V... | E S | |
CVE-2020-23259 | An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the ... | E S | |
CVE-2020-23260 | An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the ... | E S | |
CVE-2020-23262 | An issue was discovered in ming-soft MCMS v5.0, where a malicious user can exploit SQL injection wit... | E | |
CVE-2020-23263 | Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to i... | S | |
CVE-2020-23264 | Cross-site request forgery (CSRF) in Fork-CMS before 5.8.2 allows remote attackers to hijack the auth... | S | |
CVE-2020-23266 | An issue was discovered in gpac 0.8.0. The OD_ReadUTF8String function in odf_code.c has a heap-based... | E | |
CVE-2020-23267 | An issue was discovered in gpac 0.8.0. The gf_hinter_track_process function in isom_hinter_track_pro... | E | |
CVE-2020-23269 | An issue was discovered in gpac 0.8.0. The stbl_GetSampleSize function in isomedia/stbl_read.c has a... | E | |
CVE-2020-23273 | Heap-buffer overflow in the randomize_iparp function in edit_packet.c. of Tcpreplay v4.3.2 allows at... | E | |
CVE-2020-23282 | SQL injection in Logon Page in MV's mConnect application, v02.001.00, allows an attacker to use a no... | E | |
CVE-2020-23283 | Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker to k... | E | |
CVE-2020-23284 | Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and pa... | | |
CVE-2020-23302 | There is a heap-use-after-free at ecma-helpers-string.c:772 in ecma_ref_ecma_string in JerryScript 2... | E S | |
CVE-2020-23303 | There is a heap-buffer-overflow at jmem-poolman.c:165 in jmem_pools_collect_empty in JerryScript 2.2... | E S | |
CVE-2020-23306 | There is a stack-overflow at ecma-regexp-object.c:535 in ecma_regexp_match in JerryScript 2.2.0.... | E S | |
CVE-2020-23308 | There is an Assertion 'context_p->stack_top_uint8 == LEXER_EXPRESSION_START' at js-parser-expr.c:356... | E S | |
CVE-2020-23309 | There is an Assertion 'context_p->stack_depth == context_p->context_stack_depth' failed at js-parser... | E S | |
CVE-2020-23310 | There is an Assertion 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at js-p... | E S | |
CVE-2020-23311 | There is an Assertion 'context_p->token.type == LEXER_RIGHT_BRACE || context_p->token.type == LEXER_... | E S | |
CVE-2020-23312 | There is an Assertion 'context.status_flags & PARSER_SCANNING_SUCCESSFUL' failed at js-parser.c:2185... | E S | |
CVE-2020-23313 | There is an Assertion 'scope_stack_p > context_p->scope_stack_p' failed at js-scanner-util.c:2510 in... | E S | |
CVE-2020-23314 | There is an Assertion 'block_found' failed at js-parser-statm.c:2003 parser_parse_try_statement_end ... | E S | |
CVE-2020-23315 | There is an ASSERTION (pFuncBody->GetYieldRegister() == oldYieldRegister) failed in Js::DebugContext... | E | |
CVE-2020-23319 | There is an Assertion in '(flags >> CBC_STACK_ADJUST_SHIFT) >= CBC_STACK_ADJUST_BASE || (CBC_STACK_A... | E S | |
CVE-2020-23320 | There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' in parser_p... | E S | |
CVE-2020-23321 | There is a heap-buffer-overflow at lit-strings.c:431 in lit_read_code_unit_from_utf8 in JerryScript ... | E S | |
CVE-2020-23322 | There is an Assertion in 'context_p->token.type == LEXER_RIGHT_BRACE || context_p->token.type == LEX... | E S | |
CVE-2020-23323 | There is a heap-buffer-overflow at re-parser.c in re_parse_char_escape in JerryScript 2.2.0.... | E S | |
CVE-2020-23327 | Cross Site Scripting vulnerability found in ZblogCN ZblogPHP v.1.0 allows a local attacker to execut... | E | |
CVE-2020-23330 | An issue was discovered in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_Stz2... | E S | |
CVE-2020-23331 | An issue was discovered in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_Desc... | E | |
CVE-2020-23332 | A heap-based buffer overflow exists in the AP4_StdcFileByteStream::ReadPartial component located in ... | E | |
CVE-2020-23333 | A heap-based buffer overflow exists in the AP4_CttsAtom::AP4_CttsAtom component located in /Core/Ap4... | E S | |
CVE-2020-23334 | A WRITE memory access in the AP4_NullTerminatedStringAtom::AP4_NullTerminatedStringAtom component of... | E S | |
CVE-2020-23341 | A reflected cross site scripting (XSS) vulnerability in the /header.tmpl.php component of ATutor 2.2... | E | |
CVE-2020-23342 | A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php that can change the Del... | E | |
CVE-2020-23349 | An intent redirection issue was discovered in Sina Weibo Android SDK 4.2.7 (com.sina.weibo.sdk.share... | E | |
CVE-2020-23352 | Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control. PHP loose comparison and a magic ha... | S | |
CVE-2020-23355 | ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Codiad 2.8.4 /componetns/user/class.user.php:Authenticate(... | | |
CVE-2020-23356 | dmin/kernel/api/login.class.phpin in nibbleblog v3.7.1c allows type juggling for login bypass becaus... | | |
CVE-2020-23359 | WeBid 1.2.2 admin/newuser.php has an issue with password rechecking during registration because it u... | E | |
CVE-2020-23360 | oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where a n... | E | |
CVE-2020-23361 | phpList 3.5.3 allows type juggling for login bypass because == is used instead of === for password h... | E | |
CVE-2020-23362 | Insecure Permissions vulnerability found in Shop_CMS YerShop all versions allows a remote attacker to... | E | |
CVE-2020-23363 | Cross Site Request Forgery (CSRF) vulnerability found in Verytops Verydows all versions that allows ... | E | |
CVE-2020-23369 | In YzmCMS 5.6, XSS was discovered in member/member_content/init.html via the SRC attribute of an IFR... | E | |
CVE-2020-23370 | In YzmCMS 5.6, stored XSS exists via the common/static/plugin/ueditor/1.4.3.3/php/controller.php act... | E | |
CVE-2020-23371 | Cross-site scripting (XSS) vulnerability in static/admin/js/kindeditor/plugins/multiimage/images/swf... | E | |
CVE-2020-23373 | Cross-site scripting (XSS) vulnerability in admin/nav/add.html in noneCMS v1.3.0 allows remote authe... | E | |
CVE-2020-23374 | Cross-site scripting (XSS) vulnerability in admin/article/add.html in noneCMS v1.3.0 allows remote a... | E | |
CVE-2020-23376 | NoneCMS v1.3 has a CSRF vulnerability in public/index.php/admin/nav/add.html, as demonstrated by add... | E | |
CVE-2020-23426 | zzcms 201910 contains an access control vulnerability through escalation of privileges in /user/adv.... | E | |
CVE-2020-23438 | Wondershare filmora 9.2.11 is affected by Trojan Dll hijacking leading to privilege escalation.... | E | |
CVE-2020-23446 | Verint Workforce Optimization suite 15.1 (15.1.0.37634) has Unauthenticated Information Disclosure v... | E | |
CVE-2020-23447 | newbee-mall 1.0 is affected by cross-site scripting in shop-cart/settle. Users only need to write xs... | E | |
CVE-2020-23448 | newbee-mall all versions are affected by incorrect access control to remotely gain privileges throug... | E | |
CVE-2020-23449 | newbee-mall all versions are affected by incorrect access control to remotely gain privileges throug... | E S | |
CVE-2020-23450 | Spiceworks Version <= 7.5.00107 is affected by XSS. Any name typed on Custom Groups function is vuln... | E | |
CVE-2020-23451 | Spiceworks Version <= 7.5.00107 is affected by CSRF which can lead to privilege escalation via "/set... | E | |
CVE-2020-23452 | A cross-site scripting (XSS) vulnerability in Selenium Grid v3.141.59 allows attackers to execute ar... | E | |
CVE-2020-23466 | Cross Site Scripting (XSS) vulnerability exists in the phpgurukul Online Marriage Registration Syste... | E | |
CVE-2020-23469 | gmate v0.12+bionic contains a regular expression denial of service (ReDoS) vulnerability in the gedi... | E | |
CVE-2020-23478 | Leo Editor v6.2.1 was discovered to contain a regular expression denial of service (ReDoS) vulnerabi... | E S | |
CVE-2020-23481 | CMS Made Simple 2.2.14 was discovered to contain a cross-site scripting (XSS) vulnerability which al... | E | |
CVE-2020-23489 | The import.json.php file before 8.9 for Avideo is vulnerable to a File Deletion vulnerability. This ... | S | |
CVE-2020-23490 | There was a local file disclosure vulnerability in AVideo < 8.9 via the proxy streaming. An unauthen... | E S | |
CVE-2020-23512 | VR CAM P1 Model P1 v1 has an incorrect access control vulnerability where an attacker can obtain com... | E | |
CVE-2020-23517 | Cross Site Scripting (XSS) vulnerability in Aryanic HighMail (High CMS) versions 2020 and before all... | E | |
CVE-2020-23518 | Cross Site Scripting (XSS) vulnerability in UltimateKode Neo Billing - Accounting, Invoicing And CRM... | E | |
CVE-2020-23520 | imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture... | E | |
CVE-2020-23522 | Pixelimity 1.0 has cross-site request forgery via the admin/setting.php data [Password] parameter.... | E | |
CVE-2020-23533 | Union Pay up to 1.2.0, for web based versions contains a CWE-347: Improper Verification of Cryptogra... | | |
CVE-2020-23534 | A server-side request forgery (SSRF) vulnerability in Upgrade.php of gopeak masterlab 2.1.5, via the... | E | |
CVE-2020-23539 | An issue was discovered in Realtek rtl8723de BLE Stack <= 4.1 that allows remote attackers to cause ... | E | |
CVE-2020-23545 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ReadXPM_W+0x00000000000... | | |
CVE-2020-23546 | IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts v... | | |
CVE-2020-23549 | IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts v... | | |
CVE-2020-23550 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000... | | |
CVE-2020-23551 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000... | | |
CVE-2020-23552 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000... | | |
CVE-2020-23553 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000... | | |
CVE-2020-23554 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000... | | |
CVE-2020-23555 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000... | | |
CVE-2020-23556 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000... | | |
CVE-2020-23557 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W... | | |
CVE-2020-23558 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W... | | |
CVE-2020-23559 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W... | | |
CVE-2020-23560 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W... | | |
CVE-2020-23561 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W... | | |
CVE-2020-23562 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W... | | |
CVE-2020-23563 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W... | | |
CVE-2020-23564 | File Upload vulnerability in SEMCMS 3.9 allows remote attackers to run arbitrary code via SEMCMS_Upf... | E | |
CVE-2020-23565 | Irfanview v4.53 allows attackers to execute arbitrary code via a crafted JPEG 2000 file. Related to ... | | |
CVE-2020-23566 | Irfanview v4.53 was discovered to contain an infinite loop via JPEG2000!ShowPlugInSaveOptions_W+0x1e... | | |
CVE-2020-23567 | Irfanview v4.53 allows attackers to cause a denial of service (DoS) via a crafted JPEG 2000 file.... | E | |
CVE-2020-23572 | BEESCMS v4.0 was discovered to contain an arbitrary file upload vulnerability via the component /adm... | E | |
CVE-2020-23574 | When uploading a file in Sysax Multi Server 6.90, an authenticated user can modify the filename="" p... | E | |
CVE-2020-23575 | A directory traversal vulnerability exists in Kyocera Printer d-COPIA253MF plus. Successful exploita... | E | |
CVE-2020-23576 | Laborator Neon dashboard v3 is affected by stored Cross Site Scripting (XSS) via the chat tab.... | E | |
CVE-2020-23580 | Remote Code Execution vulnerability in PbootCMS 2.0.8 in the message board.... | E | |
CVE-2020-23582 | A vulnerability in the "/admin/wlmultipleap.asp" of optilink OP-XT71000N version: V2.2 could allow a... | | |
CVE-2020-23583 | OPTILINK OP-XT71000N V2.2 is vulnerable to Remote Code Execution. The issue occurs when the attacker... | | |
CVE-2020-23584 | Unauthenticated remote code execution in OPTILINK OP-XT71000N, Hardware Version: V2.2 occurs when th... | | |
CVE-2020-23585 | A remote attacker can conduct a cross-site request forgery (CSRF) attack on OPTILINK OP-XT71000N Har... | | |
CVE-2020-23586 | A vulnerability found in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-1... | | |
CVE-2020-23587 | A vulnerability found in the OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3... | | |
CVE-2020-23588 | A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 ... | | |
CVE-2020-23589 | A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 ... | | |
CVE-2020-23590 | A vulnerability in Optilink OP-XT71000N Hardware version: V2.2 , Firmware Version: OP_V3.3.1-191028 ... | | |
CVE-2020-23591 | A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 ... | | |
CVE-2020-23592 | A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 ... | | |
CVE-2020-23593 | A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP_V3.3.1-191028 a... | | |
CVE-2020-23595 | Cross Site Request Forgery (CSRF) vulnerability in yzmcms version 5.6, allows remote attackers to es... | E | |
CVE-2020-23617 | A cross site scripting (XSS) vulnerability in the error page of Totolink N200RE and N100RE Routers 2... | | |
CVE-2020-23618 | A reflected cross site scripting (XSS) vulnerability in Xtend Voice Logger 1.0 allows attackers to e... | | |
CVE-2020-23620 | The Java Remote Management Interface of all versions of Orlansoft ERP was discovered to contain a vu... | | |
CVE-2020-23621 | The Java Remote Management Interface of all versions of SVI MS Management System was discovered to c... | | |
CVE-2020-23622 | An issue in the UPnP protocol in 4thline cling 2.0.0 through 2.1.2 allows remote attackers to cause ... | E S | |
CVE-2020-23630 | A blind SQL injection vulnerability exists in zzcms ver201910 based on time (cookie injection).... | E | |
CVE-2020-23631 | Cross-site request forgery (CSRF) in admin/global/manage.php in WDJA CMS 1.5 allows remote attackers... | E | |
CVE-2020-23639 | A command injection vulnerability exists in Moxa Inc VPort 461 Series Firmware Version 3.4 or lower ... | | |
CVE-2020-23643 | XSS exists in JIZHICMS 1.7.1 via index.php/Wechat/checkWeixin?signature=1&echostr={XSS] to Home/c/We... | E | |
CVE-2020-23644 | XSS exists in JIZHICMS 1.7.1 via index.php/Error/index?msg={XSS] to Home/c/ErrorController.php.... | E | |
CVE-2020-23647 | Cross Site Scripting (XSS) vulnerability in BoxBilling 4.19, 4.19.1, 4.20, and 4.21 allows remote at... | E | |
CVE-2020-23648 | Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability. Through system.asp /... | E | |
CVE-2020-23653 | An insecure unserialize vulnerability was discovered in ThinkAdmin versions 4.x through 6.x in app/a... | E | |
CVE-2020-23654 | NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) via the module "Shop."... | E | |
CVE-2020-23655 | NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "Configuration."... | E | |
CVE-2020-23656 | NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "Content."... | E | |
CVE-2020-23657 | NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "Configuration."... | E | |
CVE-2020-23658 | PHP-Fusion 9.03.60 is affected by Cross Site Scripting (XSS) via infusions/member_poll_panel/poll_ad... | E | |
CVE-2020-23659 | WebPort-v1.19.17121 is affected by Cross Site Scripting (XSS) on the "connections" feature.... | E | |
CVE-2020-23660 | webTareas v2.1 is affected by Cross Site Scripting (XSS) on "Search."... | E | |
CVE-2020-23679 | Buffer overflow vulnerability in Renleilei1992 Linux_Network_Project 1.0, allows attackers to execut... | E | |
CVE-2020-23680 | An issue was discovered in function StartPage in text2pdf.c in pdfcorner text2pdf 1.1, allows attack... | S | |
CVE-2020-23685 | SQL Injection vulnerability in 188Jianzhan v2.1.0, allows attackers to execute arbitrary code and ga... | E | |
CVE-2020-23686 | Cross site request forgery (CSRF) vulnerability in AyaCMS 3.1.2 allows attackers to change an admini... | E | |
CVE-2020-23689 | In YFCMF v2.3.1, there is a stored XSS vulnerability in the comments section of the news page.... | E | |
CVE-2020-23691 | YFCMF v2.3.1 has a Remote Command Execution (RCE) vulnerability in the index.php.... | E | |
CVE-2020-23697 | Cross Site Scripting vulnerability in Monstra CMS 3.0.4 via the page feature in admin/index.php.... | E | |
CVE-2020-23700 | Cross Site Scripting (XSS) vulnerability in LavaLite-CMS 5.8.0 via the Menu Links feature.... | E | |
CVE-2020-23702 | Cross Site Scripting (XSS) vulnerability in PHP-Fusion 9.03.60 via 'New Shout' in /infusions/shoutbo... | E | |
CVE-2020-23705 | A global buffer overflow vulnerability in jfif_encode at jfif.c:701 of ffjpeg through 2020-06-22 all... | E | |
CVE-2020-23706 | A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_subsequent_scan() ok_... | E | |
CVE-2020-23707 | A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_progressive() at ok_j... | E | |
CVE-2020-23710 | Cross Site Scripting (XSS) vulnerability in LimeSurvey 4.2.5 on textbox via the Notifications & data... | S | |
CVE-2020-23711 | SQL Injection vulnerability in NavigateCMS 2.9 via the URL encoded GET input category in navigate.ph... | E S | |
CVE-2020-23715 | Directory Traversal vulnerability in Webport CMS 1.19.10.17121 via the file parameter to file/downlo... | E | |
CVE-2020-23718 | Cross site scripting (XSS) vulnerability in xujinliang zibbs 1.0, allows attackers to execute arbitr... | E | |
CVE-2020-23719 | Cross site scripting (XSS) vulnerability in application/controllers/AdminController.php in xujinlian... | E | |
CVE-2020-23721 | An issue was discovered in FUEL CMS V1.4.7. An attacker can use a XSS payload and bypass a filter vi... | E | |
CVE-2020-23722 | An issue was discovered in FUEL CMS 1.4.7. There is an escalation of privilege vulnerability to obtai... | E | |
CVE-2020-23726 | There is a local denial of service vulnerability in Wise Care 365 5.5.4, attackers can cause compute... | | |
CVE-2020-23727 | There is a local denial of service vulnerability in the Antiy Zhijia Terminal Defense System 5.0.2.1... | E | |
CVE-2020-23735 | In Saibo Cyber Game Accelerator 3.7.9 there is a local privilege escalation vulnerability. Attackers... | | |
CVE-2020-23736 | There is a local denial of service vulnerability in DaDa accelerator 5.6.19.816, attackers can use ... | E | |
CVE-2020-23738 | There is a local denial of service vulnerability in Advanced SystemCare 13 PRO 13.5.0.174. Attackers... | | |
CVE-2020-23740 | In DriverGenius 9.61.5480.28 there is a local privilege escalation vulnerability in the driver wizar... | | |
CVE-2020-23741 | In AnyView (network police) network monitoring software 4.6.0.1, there is a local denial of service ... | | |
CVE-2020-23754 | Cross Site Scripting (XSS) vulnerability in infusions/member_poll_panel/poll_admin.php in PHP-Fusion... | | |
CVE-2020-23761 | Cross Site Scripting (XSS) vulnerability in subrion CMS Version <= 4.2.1 allows remote attackers to ... | E | |
CVE-2020-23762 | Cross Site Scripting (XSS) vulnerability in the Larsens Calender plugin Version <= 1.2 for WordPress... | E | |
CVE-2020-23763 | SQL injection in admin.php in Online Book Store 1.0 allows remote attackers to execute arbitrary SQL... | E | |
CVE-2020-23765 | A file upload vulnerability was discovered in the file path /bl-plugins/backup/plugin.php on Bludit ... | E | |
CVE-2020-23766 | An arbitrary file deletion vulnerability was discovered on htmly v2.7.5 which allows remote attacker... | E S | |
CVE-2020-23768 | An information disclosure vulnerability was discovered in alipay_function.php in the log file of Ali... | E | |
CVE-2020-23774 | A reflected XSS vulnerability exists in tohtml/convert.php of Winmail 6.5, which can cause JavaScrip... | E | |
CVE-2020-23776 | A SSRF vulnerability exists in Winmail 6.5 in app.php in the key parameter when HTTPS is on. An atta... | E | |
CVE-2020-23790 | An Arbitrary File Upload vulnerability was discovered in the Golo Laravel theme v 1.1.5.... | E | |
CVE-2020-23793 | An issue was discovered in spice-server spice-server-0.14.0-6.el7_6.1.x86_64 of Redhat's VDI product... | E | |
CVE-2020-23804 | Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a ... | E S | |
CVE-2020-23811 | xxl-job 2.2.0 allows Information Disclosure of username, model, and password via job/admin/controlle... | | |
CVE-2020-23814 | Multiple cross-site scripting (XSS) vulnerabilities in xxl-job v2.2.0 allow remote attackers to inje... | E | |
CVE-2020-23824 | ArGo Soft Mail Server 1.8.8.9 is affected by Cross Site Request Forgery (CSRF) to perform remote ar... | E | |
CVE-2020-23826 | The Yale WIPC-303W 2.21 through 2.31 camera is vulnerable to remote command execution (RCE) through ... | E | |
CVE-2020-23828 | A File Upload vulnerability in SourceCodester Online Course Registration v1.0 allows remote attacker... | E | |
CVE-2020-23829 | interface/new/new_comprehensive_save.php in LibreHealth EHR 2.0.0 suffers from an authenticated file... | E | |
CVE-2020-23830 | A Cross-Site Request Forgery (CSRF) vulnerability in changeUsername.php in SourceCodester Stock Mana... | E | |
CVE-2020-23831 | A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of Source... | E | |
CVE-2020-23832 | A Persistent Cross-Site Scripting (XSS) vulnerability in message_admin.php in Projectworlds Car Rent... | E | |
CVE-2020-23833 | Projectworlds House Rental v1.0 suffers from an unauthenticated SQL Injection vulnerability, allowin... | E | |
CVE-2020-23834 | Insecure Service File Permissions in the bd service in Real Time Logic BarracudaDrive v6.5 allow loc... | E | |
CVE-2020-23835 | A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of Source... | E | |
CVE-2020-23836 | A Cross-Site Request Forgery (CSRF) vulnerability in edit_user.php in OSWAPP Warehouse Inventory Sys... | E | |
CVE-2020-23837 | A Cross-Site Request Forgery (CSRF) vulnerability in the Multi User plugin 1.8.2 for GetSimple CMS a... | E | |
CVE-2020-23839 | A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimple CMS v3.3.16, in the admin/index.ph... | E | |
CVE-2020-23849 | Stored XSS was discovered in the tree mode of jsoneditor before 9.0.2 through injecting and executin... | E | |
CVE-2020-23851 | A stack-based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(v... | E | |
CVE-2020-23852 | A heap based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(vo... | E | |
CVE-2020-23856 | Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/par... | E | |
CVE-2020-23861 | A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page functi... | E S | |
CVE-2020-23864 | An issue exists in IOBit Malware Fighter version 8.0.2.547. Local escalation of privileges is possibl... | E | |
CVE-2020-23868 | NeDi 1.9C allows inc/rt-popup.php d XSS.... | E | |
CVE-2020-23872 | A NULL pointer dereference in the function TextPage::restoreState of pdf2xml v2.0 allows attackers t... | E | |
CVE-2020-23873 | pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::dump.... | E | |
CVE-2020-23874 | pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::addAttributs... | E | |
CVE-2020-23876 | pdf2xml v2.0 was discovered to contain a memory leak in the function TextPage::testLinkedText.... | E | |
CVE-2020-23877 | pdf2xml v2.0 was discovered to contain a stack buffer overflow in the component getObjectStream.... | E | |
CVE-2020-23878 | pdf2json v0.71 was discovered to contain a stack buffer overflow in the component XRef::fetch.... | E | |
CVE-2020-23879 | pdf2json v0.71 was discovered to contain a NULL pointer dereference in the component ObjectStream::g... | E | |
CVE-2020-23884 | A buffer overflow in Nomacs v3.15.0 allows attackers to cause a denial of service (DoS) via a crafte... | E | |
CVE-2020-23886 | XnView MP v0.96.4 was discovered to contain a heap overflow which allows attackers to cause a denial... | E | |
CVE-2020-23887 | XnView MP v0.96.4 was discovered to contain a heap overflow which allows attackers to cause a denial... | E | |
CVE-2020-23888 | A User Mode Write AV in Editor!TMethodImplementationIntercept+0x53f6c3 of WildBit Viewer v6.6 allows... | E | |
CVE-2020-23889 | A User Mode Write AV starting at Editor!TMethodImplementationIntercept+0x4189c6 of WildBit Viewer v6... | E | |
CVE-2020-23890 | A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a c... | E | |
CVE-2020-23891 | A User Mode Write AV in Editor+0x5cd7 of WildBit Viewer v6.6 allows attackers to cause a denial of s... | E | |
CVE-2020-23893 | A User Mode Write AV in Editor!TMethodImplementationIntercept+0x3c3682 of WildBit Viewer v6.6 allows... | E | |
CVE-2020-23894 | A User Mode Write AV in ntdll!RtlpCoalesceFreeBlocks+0x268 of WildBit Viewer v6.6 allows attackers t... | | |
CVE-2020-23895 | A User Mode Write AV in Editor+0x76af of WildBit Viewer v6.6 allows attackers to cause a denial of s... | E | |
CVE-2020-23896 | A User Mode Write AV in Editor+0x576b of WildBit Viewer v6.6 allows attackers to cause a denial of s... | E | |
CVE-2020-23897 | A User Mode Write AV in Editor!TMethodImplementationIntercept+0x54dcec of WildBit Viewer v6.6 allows... | | |
CVE-2020-23898 | A User Mode Write AV in Editor+0x5ea2 of WildBit Viewer v6.6 allows attackers to cause a denial of s... | | |
CVE-2020-23899 | A User Mode Write AV in Editor+0x5f91 of WildBit Viewer v6.6 allows attackers to cause a denial of s... | | |
CVE-2020-23900 | A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a c... | E | |
CVE-2020-23901 | A User Mode Write AV in Editor+0x5d15 of WildBit Viewer v6.6 allows attackers to cause a denial of s... | E | |
CVE-2020-23902 | A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a c... | | |
CVE-2020-23903 | A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attacker... | E S | |
CVE-2020-23904 | A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (D... | E | |
CVE-2020-23906 | FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted audio f... | E S | |
CVE-2020-23907 | An issue was discovered in retdec v3.3. In function canSplitFunctionOn() of ir_modifications.cpp, th... | E S | |
CVE-2020-23909 | Heap-based buffer over-read in function png_convert_4 in file pngex.cc in AdvanceMAME through 2.1.... | E S | |
CVE-2020-23910 | Stack-based buffer overflow vulnerability in asn1c through v0.9.28 via function genhash_get in genha... | E S | |
CVE-2020-23911 | An issue was discovered in asn1c through v0.9.28. A NULL pointer dereference exists in the function ... | E S | |
CVE-2020-23912 | An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer dereference exists in the funct... | E | |
CVE-2020-23914 | An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer dereference exists in the peg:... | E S | |
CVE-2020-23915 | An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_escape_sequence() in peglib.h ha... | E S | |
CVE-2020-23921 | An issue was discovered in fast_ber through v0.4. yy::yylex() in asn_compiler.hpp has a heap-based b... | E | |
CVE-2020-23922 | An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer... | E | |
CVE-2020-23928 | An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a h... | S | |
CVE-2020-23930 | An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function ... | | |
CVE-2020-23931 | An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a h... | S | |
CVE-2020-23932 | An issue was discovered in gpac before 1.0.1. A NULL pointer dereference exists in the function dump... | E S | |
CVE-2020-23933 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2020-23934 | An issue was discovered in RiteCMS 2.2.1. An authenticated user can directly execute system commands... | E | |
CVE-2020-23935 | Kabir Alhasan Student Management System 1.0 is vulnerable to Authentication Bypass via "Username: ad... | E | |
CVE-2020-23936 | PHPGurukul Vehicle Parking Management System 1.0 is vulnerable to Authentication Bypass via "Usernam... | | |
CVE-2020-23938 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. This candidate was erroneously published without ... | R | |
CVE-2020-23945 | A SQL injection vulnerability exists in Victor CMS V1.0 in the cat_id parameter of the category.php ... | E | |
CVE-2020-23957 | Pega Platform through 8.4.x is affected by Cross Site Scripting (XSS) via the ConnectionID parameter... | E | |
CVE-2020-23960 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Fork before 5.8.3... | S | |
CVE-2020-23962 | A cross site scripting (XSS) vulnerability in Catfish CMS 4.9.90 allows attackers to execute arbitra... | E | |
CVE-2020-23966 | SQL Injection vulnerability in victor cms 1.0 allows attackers to execute arbitrary commands via the... | E | |
CVE-2020-23967 | Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without admini... | E | |
CVE-2020-23968 | Ilex International Sign&go Workstation Security Suite 7.1 allows elevation of privileges via a symli... | E | |
CVE-2020-23971 | gmapfp.org Joomla Component GMapFP J3.30pro is affected by Insecure Permissions. An attacker can acc... | E | |
CVE-2020-23972 | In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can access the upload function wit... | E | |
CVE-2020-23973 | KandNconcepts Club CMS 1.1 and 1.2 has SQL Injection via the 'team.php,player.php,club.php' id param... | E | |
CVE-2020-23974 | Create-Project Manager 1.07 has Multi Persistent Cross-site Scripting and HTML injection via Onli... | E | |
CVE-2020-23975 | Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has cross site scripting via the 'search.php' id... | E | |
CVE-2020-23976 | Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has SQL Injection via the 'content.php' id param... | E | |
CVE-2020-23977 | KandNconcepts Club CMS 1.1 and 1.2 has cross site scripting via the 'team.php,player.php,club.php' i... | E | |
CVE-2020-23978 | SQL injection can occur in Soluzione Globale Ecommerce CMS v1 via the parameter " offerta.php"... | E | |
CVE-2020-23979 | 13enforme CMS 1.0 has SQL Injection via the 'content.php' id parameter.... | E | |
CVE-2020-23980 | DesignMasterEvents Conference management 1.0.0 allows SQL Injection via the username field on the ad... | E | |
CVE-2020-23981 | 13enforme CMS 1.0 has Cross Site Scripting via the "content.php" id parameter.... | E | |
CVE-2020-23982 | DesignMasterEvents Conference management 1.0.0 has cross site scripting via the 'certificate.php'... | E | |
CVE-2020-23983 | Michael-design iChat Realtime PHP Live Support System 1.6 has persistent Cross-site Scripting via ch... | E | |
CVE-2020-23984 | Online Hotel Booking System Pro PHP Version 1.3 has Persistent Cross-site Scripting in Customer regi... | E | |
CVE-2020-23986 | Github Read Me Stats commit 3c7220e4f7144f6cb068fd433c774f6db47ccb95 was discovered to contain a ref... | S | |
CVE-2020-23989 | NeDi 1.9C allows pwsec.php oid XSS.... | E | |
CVE-2020-23992 | Cross Site Scripting (XSS) in Nagios XI 5.7.1 allows remote attackers to run arbitrary code via retu... | E | |
CVE-2020-23995 | An information disclosure vulnerability in ILIAS before 5.3.19, 5.4.12 and 6.0 allows remote authent... | S | |
CVE-2020-23996 | A local file inclusion vulnerability in ILIAS before 5.3.19, 5.4.10 and 6.0 allows remote authentica... | S | |