Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5782 matches found

NVD
NVDadded 2020/06/12 4:15 p.m.10 views

CVE-2020-4049

In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page. This does require an admin to upload the theme, and is low severity self-XSS. This has been patched in version...

3.5CVSS0.05886EPSS
Exploits0References8
OSV
OSVadded 2020/06/12 4:15 p.m.13 views

CVE-2020-4049

In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page. This does require an admin to upload the theme, and is low severity self-XSS. This has been patched in version...

2.4CVSS6.5AI score
Exploits0References8
OSV
OSVadded 2020/06/12 4:15 p.m.1 views

UBUNTU-CVE-2020-4049

In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page. This does require an admin to upload the theme, and is low severity self-XSS. This has been patched in version...

2.4CVSS6.6AI score0.05886EPSS
Exploits0References6
Cvelist
Cvelistadded 2020/06/12 4:0 p.m.20 views

CVE-2020-4049 Authenticated self-XSS via theme uploads in WordPress

In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page. This does require an admin to upload the theme, and is low severity self-XSS. This has been patched in version...

2.4CVSS5.1AI score0.05886EPSS
Exploits0References8
Debian CVE
Debian CVEadded 2020/06/12 4:0 p.m.26 views

CVE-2020-4049

In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page. This does require an admin to upload the theme, and is low severity self-XSS. This has been patched in version...

3.5CVSS5.9AI score0.05886EPSS
Exploits0
NVD
NVDadded 2020/06/12 2:15 p.m.15 views

CVE-2020-9648

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

6.1CVSS0.14026EPSS
Exploits0References1
OSV
OSVadded 2020/06/12 2:15 p.m.0 views

CVE-2020-9648

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

6.1CVSS6.5AI score0.14026EPSS
Exploits0References1
NVD
NVDadded 2020/06/12 2:15 p.m.12 views

CVE-2020-9651

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting reflected vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

6.1CVSS0.14026EPSS
Exploits0References1
OSV
OSVadded 2020/06/12 2:15 p.m.2 views

CVE-2020-9644

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting stored vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

5.4CVSS5.9AI score0.05965EPSS
Exploits0References1
NVD
NVDadded 2020/06/12 2:15 p.m.15 views

CVE-2020-9647

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting dom-based vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

6.1CVSS0.14026EPSS
Exploits0References1
Prion
Prionadded 2020/06/12 2:15 p.m.12 views

Cross site scripting

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting dom-based vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

4.3CVSS6.1AI score0.14026EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2020/06/12 2:15 p.m.12 views

Cross site scripting

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting reflected vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

4.3CVSS6.1AI score0.14026EPSS
Exploits0References1Affected Software1
EUVD
EUVDadded 2020/06/12 1:14 p.m.2 views

EUVD-2020-30437

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting reflected vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

6.1CVSS6AI score0.14026EPSS
Exploits0References1
Cvelist
Cvelistadded 2020/06/12 1:14 p.m.14 views

CVE-2020-9651

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting reflected vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

6.2AI score0.14026EPSS
Exploits0References1
EUVD
EUVDadded 2020/06/12 1:14 p.m.2 views

EUVD-2020-30433

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting dom-based vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

6.1CVSS6AI score0.14026EPSS
Exploits0References1
Cvelist
Cvelistadded 2020/06/12 1:13 p.m.13 views

CVE-2020-9644

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting stored vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

5.9AI score0.05965EPSS
Exploits0References1
Cvelist
Cvelistadded 2020/06/12 1:12 p.m.22 views

CVE-2020-9648

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

6.2AI score0.14026EPSS
Exploits0References1
EUVD
EUVDadded 2020/06/12 1:12 p.m.2 views

EUVD-2020-30434

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

6.1CVSS6AI score0.14026EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2020/06/12 12:0 a.m.38 views

Adobe Experience Manager 6.0 < 6.5 Multiple Vulnerabilities (APSB20-31)

The version of Adobe Experience Manager installed on the remote host is prior to 6.5. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB20-31 advisory. - Adobe Experience Manager versions 6.5 and earlier have a blind server-side request forgery ssrf vulnerability...

7.5CVSS6.4AI score0.14026EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2020/06/11 8:17 a.m.3 views

Multiple vulnerabilities in Zenphoto

Overview Zenphoto is a content management system CMS. Zenphoto contains multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2020-5592 Code Injection CWE-94 - CVE-2020-5593 Tomohisa Maeda of Panasonic Corporation, Product Security Center reported this vulnerability to IPA...

8.8CVSS6.9AI score0.0079EPSS
Exploits0References8
Rows per page
Query Builder