Export limit exceeded: 45646 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45646 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-1317 | 1 Enhancesoft | 1 Osticket | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6. | ||||
| CVE-2023-36891 | 1 Microsoft | 1 Sharepoint Server | 2025-02-27 | 8 High |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2024-12232 | 1 Code-projects | 1 Simple Crud Functionality | 2025-02-27 | 3.5 Low |
| A vulnerability has been found in code-projects Simple CRUD Functionality 1.0 and classified as problematic. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument newtitle/newdescr leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-29306 | 1 Adobe | 1 Connect | 2025-02-27 | 6.1 Medium |
| Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
| CVE-2023-29305 | 1 Adobe | 1 Connect | 2025-02-27 | 6.1 Medium |
| Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
| CVE-2023-38214 | 1 Adobe | 1 Experience Manager | 2025-02-27 | 5.4 Medium |
| Adobe Experience Manager versions 6.5.17 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
| CVE-2023-38215 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2025-02-27 | 5.4 Medium |
| Adobe Experience Manager versions 6.5.17 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
| CVE-2023-36380 | 1 Siemens | 4 Cp-8031, Cp-8031 Firmware, Cp-8050 and 1 more | 2025-02-27 | 9.8 Critical |
| A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.11 (only with activated debug support)), CP-8050 MASTER MODULE (All versions < CPCI85 V05.11 (only with activated debug support)). The affected devices contain a hard-coded ID in the SSH `authorized_keys` configuration file. An attacker with knowledge of the corresponding private key could login to the device via SSH. Only devices with activated debug support are affected. | ||||
| CVE-2023-44315 | 1 Siemens | 1 Sinec Nms | 2025-02-27 | 4.7 Medium |
| A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application improperly sanitizes certain SNMP configuration data retrieved from monitored devices. An attacker with access to a monitored device could prepare a stored cross-site scripting (XSS) attack that may lead to unintentional modification of application data by legitimate users. | ||||
| CVE-2023-38219 | 1 Adobe | 2 Commerce, Magento | 2025-02-27 | 8.7 High |
| Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Payload is stored in an admin area, resulting in high confidentiality and integrity impact. | ||||
| CVE-2023-5867 | 1 Phpmyfaq | 1 Phpmyfaq | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.2. | ||||
| CVE-2023-5873 | 1 Pimcore | 1 Pimcore | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 11.1.0. | ||||
| CVE-2023-5890 | 1 Sfu | 1 Pkp Web Application Library | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16. | ||||
| CVE-2023-5892 | 1 Sfu | 1 Pkp Web Application Library | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16. | ||||
| CVE-2023-5891 | 1 Sfu | 1 Pkp Web Application Library | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - Reflected in GitHub repository pkp/pkp-lib prior to 3.3.0-16. | ||||
| CVE-2023-5894 | 1 Sfu | 1 Open Journal Systems | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pkp/ojs prior to 3.3.0-16. | ||||
| CVE-2023-5895 | 1 Sfu | 1 Pkp Web Application Library | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - DOM in GitHub repository pkp/pkp-lib prior to 3.3.0-16. | ||||
| CVE-2023-5896 | 1 Sfu | 1 Pkp Web Application Library | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.4.0-4. | ||||
| CVE-2023-5903 | 1 Sfu | 1 Pkp Web Application Library | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16. | ||||
| CVE-2023-5904 | 1 Sfu | 1 Pkp Web Application Library | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16. | ||||