Export limit exceeded: 345044 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45442 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-43458 | 2 Resort Reservation System Project, Sourcecodester | 2 Resort Reservation System, Resort Reservation System | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in Resort Reservation System v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the room, name, and description parameters in the manage_room function. | ||||
| CVE-2023-43456 | 1 Oretnom23 | 1 Service Provider Management System | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting vulnerability in Service Provider Management System v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the firstname, middlename and lastname parameters in the /php-spms/admin/?page=user endpoint. | ||||
| CVE-2023-43377 | 1 Digitaldruid | 1 Hoteldruid | 2024-11-21 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in /hoteldruid/visualizza_contratto.php of Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the destinatario_email1 parameter. | ||||
| CVE-2023-43376 | 1 Digitaldruid | 1 Hoteldruid | 2024-11-21 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in /hoteldruid/clienti.php of Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the nometipotariffa1 parameter. | ||||
| CVE-2023-43360 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Top Directory parameter in the File Picker Menu component. | ||||
| CVE-2023-43359 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Page Specific Metadata and Smarty data parameters in the Content Manager Menu component. | ||||
| CVE-2023-43358 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the News Menu component. | ||||
| CVE-2023-43357 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the Manage Shortcuts component. | ||||
| CVE-2023-43356 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Global Meatadata parameter in the Global Settings Menu component. | ||||
| CVE-2023-43355 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component. | ||||
| CVE-2023-43354 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Profiles parameter in the Extensions -MicroTiny WYSIWYG editor component. | ||||
| CVE-2023-43353 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the extra parameter in the news menu component. | ||||
| CVE-2023-43346 | 1 Opensolution | 1 Quick Cms | 2024-11-21 | 5.4 Medium |
| Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Backend - Dashboard parameter in the Languages Menu component. | ||||
| CVE-2023-43345 | 1 Opensolution | 1 Quick Cms | 2024-11-21 | 8.6 High |
| Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Content - Name parameter in the Pages Menu component. | ||||
| CVE-2023-43344 | 1 Opensolution | 1 Quick Cms | 2024-11-21 | 5.4 Medium |
| Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component. | ||||
| CVE-2023-43343 | 1 Opensolution | 1 Quick Cms | 2024-11-21 | 5.4 Medium |
| Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Files - Description parameter in the Pages Menu component. | ||||
| CVE-2023-43342 | 1 Opensolution | 1 Quick Cms | 2024-11-21 | 5.4 Medium |
| Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Languages Menu component. | ||||
| CVE-2023-43341 | 1 Evo | 1 Evolution Cms | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in evolution evo v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected uid parameter. | ||||
| CVE-2023-43340 | 1 Evo | 1 Evolution Cms | 2024-11-21 | 5.2 Medium |
| Cross-site scripting (XSS) vulnerability in evolution v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected into the cmsadmin, cmsadminemail, cmspassword and cmspasswordconfim parameters | ||||
| CVE-2023-43339 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | 6.1 Medium |
| Cross-Site Scripting (XSS) vulnerability in cmsmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted payload injected into the Database Name, DataBase User or Database Port components. | ||||