Export limit exceeded: 345229 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45471 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45471 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-50550 | 1 Layui | 1 Layui | 2024-11-21 | 5.4 Medium |
| layui up to v2.74 was discovered to contain a cross-site scripting (XSS) vulnerability via the data-content parameter. | ||||
| CVE-2023-50473 | 1 Billahmed | 1 Qbit Matui | 2024-11-21 | 5.4 Medium |
| Cross-Site Scripting (XSS) vulnerability in bill-ahmed qbit-matUI version 1.16.4, allows remote attackers to obtain sensitive information via fixed session identifiers (SID) in index.js file. | ||||
| CVE-2023-50465 | 1 Monicahq | 1 Monica | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability exists in Monica (aka MonicaHQ) 4.0.0 via an SVG document uploaded by an authenticated user. | ||||
| CVE-2023-50377 | 1 Ab-wp | 1 Simple Counter | 2024-11-21 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AB-WP Simple Counter allows Stored XSS.This issue affects Simple Counter: from n/a through 1.0.2. | ||||
| CVE-2023-50376 | 1 Simple-membership-plugin | 1 Simple Membership | 2024-11-21 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in smp7, wp.Insider Simple Membership allows Reflected XSS.This issue affects Simple Membership: from n/a through 4.3.8. | ||||
| CVE-2023-50371 | 1 Pagevisitcounter | 1 Advanced Page Visit Counter | 2024-11-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress allows Stored XSS.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a through 8.0.6. | ||||
| CVE-2023-50370 | 1 Livemeshthemes | 1 Wpbakery Page Builder Addons | 2024-11-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh WPBakery Page Builder Addons by Livemesh allows Stored XSS.This issue affects WPBakery Page Builder Addons by Livemesh: from n/a through 3.5. | ||||
| CVE-2023-50369 | 1 Almapay | 1 Alma | 2024-11-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alma Alma – Pay in installments or later for WooCommerce allows Stored XSS.This issue affects Alma – Pay in installments or later for WooCommerce: from n/a through 5.1.3. | ||||
| CVE-2023-50368 | 1 Averta | 1 Shortcodes And Extra Features For Phlox Theme | 2024-11-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Averta Shortcodes and extra features for Phlox theme allows Stored XSS.This issue affects Shortcodes and extra features for Phlox theme: from n/a through 2.15.2. | ||||
| CVE-2023-50357 | 1 Areal-topkapi | 1 Webserv1 | 2024-11-21 | 5.4 Medium |
| A cross site scripting vulnerability in the AREAL SAS Websrv1 ASP website allows a remote low-privileged attacker to gain escalated privileges of other non-admin users. | ||||
| CVE-2023-50339 | 1 Weseek | 1 Growi | 2024-11-21 | 5.4 Medium |
| Stored cross-site scripting vulnerability exists in the User Management (/admin/users) page of GROWI versions prior to v6.1.11. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product. | ||||
| CVE-2023-50137 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | 5.4 Medium |
| JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) in the site management office. | ||||
| CVE-2023-50124 | 1 Flient | 2 Smart Lock Advanced, Smart Lock Advanced Firmware | 2024-11-21 | 6.8 Medium |
| Flient Smart Door Lock v1.0 is vulnerable to Use of Default Credentials. Due to default credentials on a debug interface, in combination with certain design choices, an attacker can unlock the Flient Smart Door Lock by replacing the fingerprint that is stored on the scanner. | ||||
| CVE-2023-50102 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | 5.4 Medium |
| JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS). | ||||
| CVE-2023-50100 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | 5.4 Medium |
| JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via carousel image editing. | ||||
| CVE-2023-50069 | 1 Wiremock | 1 Wiremock | 2024-11-21 | 6.1 Medium |
| WireMock with GUI versions 3.2.0.0 through 3.0.4.0 are vulnerable to stored cross-site scripting (SXSS) through the recording feature. An attacker can host a malicious payload and perform a test mapping pointing to the attacker's file, and the result will render on the Matched page in the Body area, resulting in the execution of the payload. This occurs because the response body is not validated or sanitized. | ||||
| CVE-2023-4983 | 1 App1pro | 1 Shopicial | 2024-11-21 | 4.3 Medium |
| A vulnerability was found in app1pro Shopicial up to 20230830. It has been declared as problematic. This vulnerability affects unknown code of the file search. The manipulation of the argument from with the input comments</script>'"><img src=x onerror=alert(document.cookie)> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-239794 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-4982 | 1 Librenms | 1 Librenms | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 23.9.0. | ||||
| CVE-2023-4981 | 1 Librenms | 1 Librenms | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0. | ||||
| CVE-2023-4980 | 1 Librenms | 1 Librenms | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 23.9.0. | ||||