CVE-2020-19046: XSS
First published: Tue Aug 31 2021(Updated: )
Cross Site Scripting (XSS) in S-CMS v1.0 allows remote attackers to execute arbitrary code via the component '/admin/tpl.php?page='.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| S-cms S-cms | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this XSS vulnerability?
The vulnerability ID is CVE-2020-19046.
What software is affected by this XSS vulnerability?
S-CMS v1.0 is affected by this XSS vulnerability.
How can remote attackers exploit this vulnerability?
Remote attackers can execute arbitrary code by exploiting the XSS vulnerability in the '/admin/tpl.php?page=' component.
What is the severity of CVE-2020-19046?
The severity of CVE-2020-19046 is medium with a score of 5.4.
Is there any reference information available for CVE-2020-19046?
Yes, you can find reference information about CVE-2020-19046 at this link: [https://github.com/Aoyanm/audit/issues/1](https://github.com/Aoyanm/audit/issues/1).
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/tags
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/s-cms
- canonical/s-cms s-cms
- version/s-cms s-cms/1.0