Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lavalite lavalite 5.8.0 vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2020-23234
Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers, such as "ontoggle,".
Lavalite Lavalite 5.8.0
4.8
CVSSv3
CVE-2020-23700
Cross Site Scripting (XSS) vulnerability in LavaLite-CMS 5.8.0 via the Menu Links feature.
Lavalite Lavalite 5.8.0
5.4
CVSSv3
CVE-2020-36395
A stored cross site scripting (XSS) vulnerability in the /admin/user/team component of LavaLite 5.8.0 allows authenticated malicious users to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter.
Lavalite Lavalite 5.8.0
5.4
CVSSv3
CVE-2020-36397
A stored cross site scripting (XSS) vulnerability in the /admin/contact/contact component of LavaLite 5.8.0 allows authenticated malicious users to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter.
Lavalite Lavalite 5.8.0
5.4
CVSSv3
CVE-2020-36396
A stored cross site scripting (XSS) vulnerability in the /admin/roles/role component of LavaLite 5.8.0 allows authenticated malicious users to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter.
Lavalite Lavalite 5.8.0
5.4
CVSSv3
CVE-2020-28124
Cross Site Scripting (XSS) in LavaLite 5.8.0 via the Address field.
Lavalite Lavalite 5.8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started