Headline
CVE-2020-23718: The function parameter [Route] has reflective XSS · Issue #4 · xujinliang/zibbs
Cross site scripting (XSS) vulnerability in xujinliang zibbs 1.0, allows attackers to execute arbitrary code via the route parameter to index.php.
Related news
CVE-2021-3380: Icrem (-_-)
Insecure direct object reference (IDOR) vulnerability in ICREM H8 SSRMS allows attackers to disclose sensitive information via the Print Invoice Functionality.
CVE-2020-20982: There is a reflected XSS vulnerability · Issue #1 · shadoweb/wdja
Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php.
CVE-2020-27406: dynpg - CMS für Websites und Digitalisierung / Automatisierung
Cross Site Scripting (XSS) vulnerability in DynPG 4.9.1, allows authenticated attackers to execute arbitrary code via the groupname.