31 matches found
CVE-2020-36492
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the component selectmedia.php via the activepath, keyword, tag, fmdo=x&filename, CKEditor and CKEditorFuncNum parameters...
Desdev DedeCMS 跨站脚本漏洞
DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the activepath, keyword,...
CVE-2020-18035
Cross Site Scripting XSS in Jeesns v1.4.2 allows remote attackers to execute arbitrary code by injecting commands into the "CKEditorFuncNum" parameter in the component "CkeditorUploadController.java"...
CVE-2020-18035
Cross Site Scripting XSS in Jeesns v1.4.2 allows remote attackers to execute arbitrary code by injecting commands into the "CKEditorFuncNum" parameter in the component "CkeditorUploadController.java"...
CVE-2020-18035
CVE-2020-18035 is a cross-site scripting vulnerability in Jeesns v1.4.2. The issue arises in the CKEditor integration, specifically through the CKEditorFuncNum parameter in the file/component CkeditorUploadController.java, allowing remote attackers to craft inputs that execute arbitrary code in t...
CVE-2020-18035
Cross Site Scripting XSS in Jeesns v1.4.2 allows remote attackers to execute arbitrary code by injecting commands into the "CKEditorFuncNum" parameter in the component "CkeditorUploadController.java"...
JEESNS 跨站脚本漏洞
JEESNS is a social management system based on the JAVA enterprise-level platform. JEESNS is vulnerable to cross-site scripting, which allows remote attackers to execute arbitrary code by injecting commands into the " CKEditorFuncNum" parameter to execute arbitrary code...
CVE-2019-14315
A cross-site scripting XSS vulnerability in upload.php in SunHater KCFinder 3.20-test1, 3.20-test2, 3.12, and earlier allows remote attackers to inject arbitrary web script or HTML via the CKEditorFuncNum parameter...
CVE-2019-14315
A cross-site scripting XSS vulnerability in upload.php in SunHater KCFinder 3.20-test1, 3.20-test2, 3.12, and earlier allows remote attackers to inject arbitrary web script or HTML via the CKEditorFuncNum parameter...
Cross site scripting
A cross-site scripting XSS vulnerability in upload.php in SunHater KCFinder 3.20-test1, 3.20-test2, 3.12, and earlier allows remote attackers to inject arbitrary web script or HTML via the CKEditorFuncNum parameter...
CVE-2019-14315
A cross-site scripting XSS vulnerability in upload.php in SunHater KCFinder 3.20-test1, 3.20-test2, 3.12, and earlier allows remote attackers to inject arbitrary web script or HTML via the CKEditorFuncNum parameter...