Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.6
CVE-2020-18766
- EPSS 0.44%
- Published 26.10.2020 16:15:13
- Last modified 21.11.2024 05:08:47
A cross-site scripting (XSS) vulnerability AntSword v2.0.7 can remotely execute system commands.
6.1
CVE-2020-25470
- EPSS 0.5%
- Published 26.10.2020 14:15:13
- Last modified 21.11.2024 05:18:01
AntSword 2.1.8.1 contains a cross-site scripting (XSS) vulnerability in the View Site funtion. When viewing an added site, an XSS payload can be injected in cookies view which can lead to remote code execution.
6.1
CVE-2019-13970
- EPSS 0.51%
- Published 19.07.2019 06:15:10
- Last modified 21.11.2024 04:25:48
In antSword before 2.1.0, self-XSS in the database configuration leads to code execution via modules/database/asp/index.js, modules/database/custom/index.js, modules/database/index.js, or modules/database/php/index.js.
1