CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Dzzoffice: >> Dzzoffice >> 2.02 Security Vulnerabilities

CVE-2020-19703

A cross-site scripting (XSS) vulnerability in the referer parameter of Dzzoffice 2.02 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

CVSS Score

6.1

EPSS Score

0.002

Published

2021-08-26

CVE-2021-3318

attach/ajax.php in DzzOffice through 2.02.1 allows XSS via the editorid parameter.

CVSS Score

6.1

EPSS Score

0.003

Published

2021-01-27

Page 1

Vulnerabilities

Vulnerable Software

Dzzoffice: >> Dzzoffice >> 2.02 Security Vulnerabilities

Products

Pricing

Contact Us