Lucene search
K

19 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-2161

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.00512EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 4:38 p.m.8 views

CVE-2020-36396

A stored cross site scripting XSS vulnerability in the /admin/roles/role component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...

5.4CVSS5.3AI score0.005EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:34 p.m.7 views

CVE-2020-36397

A stored cross site scripting XSS vulnerability in the /admin/contact/contact component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...

5.4CVSS5.3AI score0.00512EPSS
Exploits1
OSV
OSV
added 2022/05/24 7:6 p.m.12 views

GHSA-VV33-27JM-CVXQ Stored XSS in LavaLite 5.8.0

A stored cross site scripting XSS vulnerability in the /admin/user/team component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...

5.4CVSS5.2AI score0.00512EPSS
Exploits1References2
OSV
OSV
added 2022/05/24 5:47 p.m.14 views

GHSA-6R6H-VHG7-53X7 Cross Site Scripting (XSS) in LavaLite 5.8.0

Cross Site Scripting XSS in LavaLite 5.8.0 via the Address field...

5.4CVSS5.2AI score0.00516EPSS
Exploits1References4
NVD
NVD
added 2021/07/02 6:15 p.m.8 views

CVE-2020-36396

A stored cross site scripting XSS vulnerability in the /admin/roles/role component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...

5.4CVSS0.005EPSS
Exploits1References1
OSV
OSV
added 2021/07/02 6:15 p.m.18 views

CVE-2020-36397

A stored cross site scripting XSS vulnerability in the /admin/contact/contact component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...

5.4CVSS5.4AI score
Exploits0References1
OSV
OSV
added 2021/07/02 6:15 p.m.18 views

CVE-2020-36396

A stored cross site scripting XSS vulnerability in the /admin/roles/role component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...

5.4CVSS5.3AI score
Exploits0References1
OSV
OSV
added 2021/07/02 6:15 p.m.20 views

CVE-2020-36395

A stored cross site scripting XSS vulnerability in the /admin/user/team component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...

5.4CVSS5.4AI score
Exploits0References1
Prion
Prion
added 2021/07/02 6:15 p.m.16 views

Cross site scripting

A stored cross site scripting XSS vulnerability in the /admin/user/team component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...

3.5CVSS5.2AI score0.00512EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/07/02 6:15 p.m.13 views

Cross site scripting

A stored cross site scripting XSS vulnerability in the /admin/roles/role component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...

3.5CVSS5.2AI score0.005EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/07/02 6:15 p.m.11 views

Cross site scripting

A stored cross site scripting XSS vulnerability in the /admin/contact/contact component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...

3.5CVSS5.2AI score0.00512EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/07/02 5:51 p.m.61 views

CVE-2020-36397

Summary of CVE-2020-36397 : A stored cross-site scripting (XSS) vulnerability exists in LavaLite 5.8.0, specifically in the /admin/contact/contact component. The issue allows authenticated attackers to inject arbitrary web scripts or HTML via a crafted payload entered into the “New” parameter. Th...

5.4CVSS5.2AI score0.00512EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/07/02 5:51 p.m.17 views

CVE-2020-36397

A stored cross site scripting XSS vulnerability in the /admin/contact/contact component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...

5.2AI score0.00512EPSS
Exploits1References1
CVE
CVE
added 2021/07/02 5:51 p.m.58 views

CVE-2020-36396

The CVE refers to LavaLite 5.8.0, specifically a stored XSS in the /admin/roles/role component. An authenticated attacker can inject arbitrary web scripts/HTML via the New parameter, enabling script execution in the context of the logged-in user. The provided connected documents confirm the vulne...

5.4CVSS5.2AI score0.005EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2021/04/14 6:15 p.m.10 views

CVE-2020-28124

Cross Site Scripting XSS in LavaLite 5.8.0 via the Address field...

5.4CVSS0.00516EPSS
Exploits1References1
Prion
Prion
added 2021/04/14 6:15 p.m.12 views

Cross site scripting

Cross Site Scripting XSS in LavaLite 5.8.0 via the Address field...

3.5CVSS5.2AI score0.00516EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/04/14 5:4 p.m.50 views

CVE-2020-28124

CVE-2020-28124 describes a Cross-Site Scripting (XSS) vulnerability in LavaLite CMS 5.8.0 exploitable via the address field. The issue arises from insufficient input sanitization of the address field, enabling injected script content that could be reflected or stored depending on context (per sou...

5.4CVSS5.2AI score0.00516EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/04/14 5:4 p.m.12 views

CVE-2020-28124

Cross Site Scripting XSS in LavaLite 5.8.0 via the Address field...

5.3AI score0.00516EPSS
Exploits1References1
Rows per page
Query Builder