| Max CVSS | 4.3 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-26583 | 4.3 |
An issue was discovered in Sage DPW 2020_06_x before 2020_06_002. It allows unauthenticated users to upload JavaScript (in a file) via the expenses claiming functionality. However, to view the file, authentication is required. By exploiting this vuln
|
29-10-2020 - 19:46 | 16-10-2020 - 06:15 | |
| CVE-2020-26584 | 4.3 |
An issue was discovered in Sage DPW 2020_06_x before 2020_06_002. The search field "Kurs suchen" on the page Kurskatalog is vulnerable to Reflected XSS. If the attacker can lure a user into clicking a crafted link, he can execute arbitrary JavaScript
|
27-10-2020 - 19:04 | 16-10-2020 - 06:15 | |
| CVE-2020-7210 | 4.3 |
Umbraco CMS 8.2.2 allows CSRF to enable/disable or delete user accounts.
|
06-02-2020 - 19:44 | 23-01-2020 - 13:15 | |
| CVE-2020-6843 | 3.5 |
Zoho ManageEngine ServiceDesk Plus 11.0 Build 11007 allows XSS. This issue was fixed in version 11.0 Build 11010, SD-83959.
|
27-01-2020 - 19:57 | 23-01-2020 - 15:15 | |
| CVE-2019-19457 | 3.5 |
SALTO ProAccess SPACE 5.4.3.0 allows XSS.
|
11-12-2019 - 02:53 | 03-12-2019 - 20:15 |