Export limit exceeded: 45462 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45462 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-46706 | 1 Machinesense | 2 Feverwarn, Feverwarn Firmware | 2024-11-21 | 9.1 Critical |
| Multiple MachineSense devices have credentials unable to be changed by the user or administrator. | ||||
| CVE-2023-46693 | 1 Formalms | 1 Formalms | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in FormaLMS before 4.0.5 allows attackers to run arbitrary code via title parameters. | ||||
| CVE-2023-46643 | 1 Cloudnet360 | 1 Cloudnet360 | 2024-11-21 | 6.1 Medium |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GARY JEZORSKI CloudNet360 plugin <= 3.2.0 versions. | ||||
| CVE-2023-46642 | 1 Sahu | 1 Sahu Tiktok Pixel For E-commerce | 2024-11-21 | 4.8 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in sahumedia SAHU TikTok Pixel for E-Commerce plugin <= 1.2.2 versions. | ||||
| CVE-2023-46627 | 1 Freelancer-coder | 1 Wordpress Simple Html Sitemap | 2024-11-21 | 6.1 Medium |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ashish Ajani WordPress Simple HTML Sitemap plugin <= 2.1 versions. | ||||
| CVE-2023-46622 | 1 Wp-pizza | 1 Wppizza | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ollybach WPPizza – A Restaurant Plugin plugin <= 3.18.2 versions. | ||||
| CVE-2023-46621 | 1 Enejbajgoric\/gagansandhu\/ctltdev | 1 User Avatar | 2024-11-21 | 6.1 Medium |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Enej Bajgoric / Gagan Sandhu / CTLT DEV User Avatar plugin <= 1.4.11 versions. | ||||
| CVE-2023-46613 | 1 Add-to-calendar-button | 1 Add To Calendar Button | 2024-11-21 | 5.4 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Jens Kuerschner Add to Calendar Button plugin <= 1.5.1 versions. | ||||
| CVE-2023-46583 | 1 Phpgurukul | 1 Nipah Virus Testing Management System | 2024-11-21 | 6.1 Medium |
| Cross-Site Scripting (XSS) vulnerability in PHPGurukul Nipah virus (NiV) " Testing Management System v.1.0 allows attackers to execute arbitrary code via a crafted payload injected into the State field. | ||||
| CVE-2023-46580 | 1 Code-projects | 1 Inventory Management | 2024-11-21 | 5.4 Medium |
| Cross-Site Scripting (XSS) vulnerability in Inventory Management V1.0 allows attackers to execute arbitrary code via the pname parameter of the editProduct.php component. | ||||
| CVE-2023-46505 | 1 Pwncyn | 1 Fancms | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting vulnerability in FanCMS v.1.0.0 allows an attacker to execute arbitrary code via the content1 parameter in the demo.php file. | ||||
| CVE-2023-46504 | 1 Pwncyn | 1 Yxbookcms | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in PwnCYN YXBOOKCMS v.1.0.2 allows a physically proximate attacker to execute arbitrary code via the library name function in the general settings component. | ||||
| CVE-2023-46503 | 1 Pwncyn | 1 Yxbookcms | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in PwnCYN YXBOOKCMS v.1.0.2 allows a remote attacker to execute arbitrary code via the reader management and book input modules. | ||||
| CVE-2023-46495 | 1 Evershop | 1 Evershop | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting vulnerability in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information via a crafted request to the sortBy parameter. | ||||
| CVE-2023-46492 | 1 Mldb | 1 Machine Learning Database | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting vulnerability in MLDB.ai v.2017.04.17.0 allows a remote attacker to execute arbitrary code via a crafted payload to the public_html/doc/index.html. | ||||
| CVE-2023-46491 | 1 Zentao | 1 Biz | 2024-11-21 | 6.1 Medium |
| ZenTao Biz version 4.1.3 and before has a Cross Site Scripting (XSS) vulnerability in the Version Library. | ||||
| CVE-2023-46483 | 1 Timeteccloud | 1 Auto Web-based Database Management System | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting vulnerability in timetec AWDMS v.2.0 allows an attacker to obtain sensitive information via a crafted payload to the remark parameter of the New Zone function. | ||||
| CVE-2023-46475 | 1 Easycorp | 1 Zentao | 2024-11-21 | 5.4 Medium |
| A Stored Cross-Site Scripting vulnerability was discovered in ZenTao 18.3 where a user can create a project, and in the name field of the project, they can inject malicious JavaScript code. | ||||
| CVE-2023-46470 | 1 Spaceapplications | 1 Yacms | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting vulnerability in Space Applications Services Yamcs v.5.8.6 allows a remote attacker to execute arbitrary code via crafted telecommand in the timeline view of the ArchiveBrowser. | ||||
| CVE-2023-46467 | 1 Juzaweb | 1 Cms | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting vulnerability in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted payload to the username parameter of the registration page. | ||||