Export limit exceeded: 344962 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45437 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45437 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40809 | 1 Opencrx | 1 Opencrx | 2024-11-21 | 6.1 Medium |
| OpenCRX version 5.2.0 is vulnerable to HTML injection via the Activity Search Criteria-Activity Number. | ||||
| CVE-2023-40786 | 1 Hkcms | 1 Hkcms | 2024-11-21 | 5.4 Medium |
| HKcms v2.3.0.230709 is vulnerable to Cross Site Scripting (XSS) allowing administrator cookies to be stolen. | ||||
| CVE-2023-40755 | 1 Phpjabbers | 1 Callback Widget | 2024-11-21 | 6.1 Medium |
| There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0. | ||||
| CVE-2023-40753 | 1 Phpjabbers | 1 Ticket Support Script | 2024-11-21 | 5.4 Medium |
| There is a Cross Site Scripting (XSS) vulnerability in the message parameter of index.php in PHPJabbers Ticket Support Script v3.2. | ||||
| CVE-2023-40752 | 1 Phpjabbers | 1 Make An Offer Widget | 2024-11-21 | 6.1 Medium |
| There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Make an Offer Widget v1.0. | ||||
| CVE-2023-40751 | 1 Phpjabbers | 1 Fundraising Script | 2024-11-21 | 6.1 Medium |
| PHPJabbers Fundraising Script v1.0 is vulnerable to Cross Site Scripting (XSS) via the "action" parameter of index.php. | ||||
| CVE-2023-40750 | 1 Phpjabbers | 1 Yacht Listing Script | 2024-11-21 | 6.1 Medium |
| There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Yacht Listing Script v1.0. | ||||
| CVE-2023-40719 | 1 Fortinet | 2 Fortianalyzer, Fortimanager | 2024-11-21 | 4.1 Medium |
| A use of hard-coded credentials vulnerability in Fortinet FortiAnalyzer and FortiManager 7.0.0 - 7.0.8, 7.2.0 - 7.2.3 and 7.4.0 allows an attacker to access Fortinet private testing data via the use of static credentials. | ||||
| CVE-2023-40717 | 1 Fortinet | 1 Fortitester | 2024-11-21 | 5 Medium |
| A use of hard-coded credentials vulnerability [CWE-798] in FortiTester 2.3.0 through 7.2.3 may allow an attacker who managed to get a shell on the device to access the database via shell commands. | ||||
| CVE-2023-40705 | 1 I-pro | 1 Video Insight | 2024-11-21 | 5.4 Medium |
| Stored cross-site scripting vulnerability in Map setting page of VI Web Client prior to 7.9.6 allows a remote authenticated attacker to inject an arbitrary script. | ||||
| CVE-2023-40684 | 1 Ibm | 1 Content Navigator | 2024-11-21 | 4.6 Medium |
| IBM Content Navigator 3.0.11, 3.0.13, and 3.0.14 with IBM Daeja ViewOne Virtual is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 264019. | ||||
| CVE-2023-40681 | 1 Groundhogg | 1 Groundhogg | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Groundhogg Inc. Groundhogg plugin <= 2.7.11.10 versions. | ||||
| CVE-2023-40680 | 1 Yoast | 1 Yoast Seo | 2024-11-21 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Yoast Yoast SEO allows Stored XSS.This issue affects Yoast SEO: from n/a through 21.0. | ||||
| CVE-2023-40677 | 1 Gopiplus | 1 Vertical Marquee | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Vertical marquee plugin <= 7.1 versions. | ||||
| CVE-2023-40676 | 1 Wp-slimstat | 1 Slimstat Analytics | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jason Crouse, VeronaLabs Slimstat Analytics plugin <= 5.0.8 versions. | ||||
| CVE-2023-40675 | 1 Pluginops | 1 Landing Page Builder | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PluginOps Landing Page Builder plugin <= 1.5.1.2 versions. | ||||
| CVE-2023-40674 | 1 Getlasso | 1 Simple Urls | 2024-11-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lasso Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management allows Stored XSS.This issue affects Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management: from n/a through 118. | ||||
| CVE-2023-40669 | 1 Twinpictures | 1 Collapse-o-matic | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in twinpictures, baden03 Collapse-O-Matic plugin <= 1.8.5.5 versions. | ||||
| CVE-2023-40668 | 1 Pdfcrowd | 1 Save As Pdf | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd plugin <= 2.16.0 versions. | ||||
| CVE-2023-40667 | 1 Getlasso | 1 Simple Urls | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Lasso Simple URLs plugin <= 117 versions. | ||||