Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-15 | CVE-2020-19148 | Cross Site Scripting (XSS) in Jfinal CMS v4.7.1 and earlier allows remote attackers to execute arbitrary code via the 'Nickname' parameter in the component '/jfinal_cms/front/person/profile.html'. network CWE-79 | 3.5 |
| 2021-09-15 | CVE-2020-19156 | Cross-site Scripting vulnerability in Ari-Soft ARI Adminer 1.0 Cross Site Scripting (XSS) in Ari Adminer v1 allows remote attackers to execute arbitrary code via the 'Title' parameter of the 'Add New Connections' component when the 'save()' function is called. | 3.5 |
| 2021-09-15 | CVE-2020-19158 | Cross-site Scripting vulnerability in S-Cms 20191014 Cross Site Scripting (XSS) in S-CMS build 20191014 and earlier allows remote attackers to execute arbitrary code via the 'Site Title' parameter of the component '/data/admin/#/app/config/'. | 3.5 |
| 2021-09-14 | CVE-2021-21489 | Cross-site Scripting vulnerability in SAP Netweaver Enterprise Portal SAP NetWeaver Enterprise Portal versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user related data, resulting in Stored Cross-Site Scripting (XSS) vulnerability. | 3.5 |
| 2021-09-13 | CVE-2021-29643 | Cross-site Scripting vulnerability in Paessler Prtg Network Monitor PRTG Network Monitor before 21.3.69.1333 allows stored XSS via an unsanitized string imported from a User Object in a connected Active Directory instance. | 3.5 |
| 2021-09-13 | CVE-2021-22528 | Cross-site Scripting vulnerability in Microfocus Access Manager 5.0 Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | 3.5 |
| 2021-09-13 | CVE-2021-40214 | Cross-site Scripting vulnerability in Gibbonedu Gibbon 22.0.00 Gibbon v22.0.00 suffers from a stored XSS vulnerability within the wall messages component. | 3.5 |
| 2021-09-09 | CVE-2020-19281 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /manage/loginusername component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username field. | 3.5 |
| 2021-09-09 | CVE-2020-19284 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /group/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the group comments text field. | 3.5 |
| 2021-09-09 | CVE-2020-19285 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /group/apply component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Name text field. | 3.5 |