Export limit exceeded: 45445 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45445 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2023-44245 1 Leaptodigital 1 Contact Form Website To Workflow Tool 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Leap Contractor Contact Form Website to Workflow Tool plugin <= 4.0.0 versions.
CVE-2023-44244 1 Fooplugins 1 Foogallery 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FooPlugins FooGallery plugin <= 2.2.44 versions.
CVE-2023-44242 1 2joomla 1 2j Slideshow 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in 2J Slideshow Team Slideshow, Image Slider by 2J plugin <= 1.3.54 versions.
CVE-2023-44239 1 Walkswithme 1 Social Share On Image Hover 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jobin Jose WWM Social Share On Image Hover plugin <= 2.2 versions.
CVE-2023-44230 1 Gopiplus 1 Popup Contact Form 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact form plugin <= 7.1 versions.
CVE-2023-44229 1 Gopiplus 1 Tiny Carosel Horizontal Slider 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Tiny Carousel Horizontal Slider plugin <= 8.1 versions.
CVE-2023-44228 1 Gopiplus 1 Onclick Show Popup 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Onclick show popup plugin <= 8.1 versions.
CVE-2023-44207 3 Acronis, Linux, Microsoft 3 Cyber Protect, Linux Kernel, Windows 2024-11-21 5.4 Medium
Stored cross-site scripting (XSS) vulnerability in protection plan name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
CVE-2023-44174 1 Projectworlds 1 Online Movie Ticket Booking System 2024-11-21 6.4 Medium
Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Stored Cross-Site Scripting vulnerability.
CVE-2023-44173 1 Projectworlds 1 Online Movie Ticket Booking System 2024-11-21 5.4 Medium
Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Reflected Cross-Site Scripting vulnerability.
CVE-2023-44145 1 Jesweb 1 Anchor Episodes Index \(spotify For Podcasters\) 2024-11-21 6.5 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in jesweb.Dev Anchor Episodes Index (Spotify for Podcasters) plugin <= 2.1.7 versions.
CVE-2023-44144 1 Dreamfoxmedia 1 Payment Gateway Per Product For Woocommerce 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dreamfox Payment gateway per Product for WooCommerce plugin <= 3.2.7 versions.
CVE-2023-44143 1 Bamboo Mcr 1 Bamboo Columns 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bamboo Mcr Bamboo Columns allows Stored XSS.This issue affects Bamboo Columns: from n/a through 1.6.1.
CVE-2023-44089 1 Pandorafms 1 Pandora Fms 2024-11-21 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). It was possible to execute malicious JS code on Visual Consoles. This issue affects Pandora FMS: from 700 through 774.
CVE-2023-44075 1 Small Crm Project 1 Small Crm 2024-11-21 5.4 Medium
Cross Site Scripting vulnerability in Small CRM in PHP v.3.0 allows a remote attacker to execute arbitrary code via a crafted payload to the Address parameter.
CVE-2023-44048 1 Oretnom23 1 Expense Tracker 2024-11-21 5.4 Medium
Sourcecodester Expense Tracker App v1 is vulnerable to Cross Site Scripting (XSS) via add category.
CVE-2023-44043 1 Blackcat-cms 1 Blackcat Cms 2024-11-21 6.1 Medium
A reflected cross-site scripting (XSS) vulnerability in /install/index.php of Black Cat CMS 1.4.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website title parameter.
CVE-2023-44042 1 Blackcat-cms 1 Blackcat Cms 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in /settings/index.php of Black Cat CMS 1.4.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website header parameter.
CVE-2023-44012 1 Mojoportal 1 Mojoportal 2024-11-21 6.1 Medium
Cross Site Scripting vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the helpkey parameter in the Help.aspx component.
CVE-2023-43952 1 Sscms Project 1 Sscms 2024-11-21 5.4 Medium
SSCMS 7.2.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Material Management component.