Search Results | AttackerKB

6 Total Results

Displaying 1-6 of 6

Attacker Value

Unknown

CVE-2020-23234

Disclosure Date: July 26, 2021 (last updated February 23, 2025)

Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers, such as "ontoggle,".

Attacker Value

Unknown

CVE-2020-23700

Disclosure Date: July 07, 2021 (last updated February 23, 2025)

Cross Site Scripting (XSS) vulnerability in LavaLite-CMS 5.8.0 via the Menu Links feature.

Attack Vector: Network Privileges: High User Interaction: Required

Attacker Value

Unknown

CVE-2020-36396

Disclosure Date: July 02, 2021 (last updated February 22, 2025)

A stored cross site scripting (XSS) vulnerability in the /admin/roles/role component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter.

Attack Vector: Network Privileges: Low User Interaction: Required

Attacker Value

Unknown

CVE-2020-36395

Disclosure Date: July 02, 2021 (last updated February 22, 2025)

A stored cross site scripting (XSS) vulnerability in the /admin/user/team component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter.

Attack Vector: Network Privileges: Low User Interaction: Required

Attacker Value

Unknown

CVE-2020-36397

Disclosure Date: July 02, 2021 (last updated February 22, 2025)

A stored cross site scripting (XSS) vulnerability in the /admin/contact/contact component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter.

Attack Vector: Network Privileges: Low User Interaction: Required

Attacker Value

Unknown

CVE-2020-28124

Disclosure Date: April 14, 2021 (last updated February 22, 2025)

Cross Site Scripting (XSS) in LavaLite 5.8.0 via the Address field.

Attack Vector: Network Privileges: Low User Interaction: Required

6 Total Results

Displaying 1-6 of 6

Unknown

CVE-2020-23234

Unknown

CVE-2020-23700

Unknown

CVE-2020-36396

Unknown

CVE-2020-36395

Unknown

CVE-2020-36397

Unknown

CVE-2020-28124

Quick Cookie Notification