Export limit exceeded: 344954 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45436 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45436 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40664 | 1 Rednao | 1 Smart Donations | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RedNao Donations Made Easy – Smart Donations plugin <= 4.0.12 versions. | ||||
| CVE-2023-40659 | 1 Joomboost | 1 Easy Quick Contact | 2024-11-21 | 6.1 Medium |
| A reflected XSS vulnerability was discovered in the Easy Quick Contact module for Joomla. | ||||
| CVE-2023-40658 | 1 Deconf | 1 Clicky Analytics Dashboard | 2024-11-21 | 6.1 Medium |
| A reflected XSS vulnerability was discovered in the Clicky Analytics Dashboard module for Joomla. | ||||
| CVE-2023-40657 | 1 Artio | 1 Joomdoc | 2024-11-21 | 6.1 Medium |
| A reflected XSS vulnerability was discovered in the Joomdoc component for Joomla. | ||||
| CVE-2023-40656 | 1 Plasma-web | 1 Quickform | 2024-11-21 | 6.1 Medium |
| A reflected XSS vulnerability was discovered in the Quickform component for Joomla. | ||||
| CVE-2023-40628 | 1 Extplorer | 1 Extplorer | 2024-11-21 | 6.1 Medium |
| A reflected XSS vulnerability was discovered in the Extplorer component for Joomla. | ||||
| CVE-2023-40627 | 1 Mlwebtechnologies | 1 Livingword | 2024-11-21 | 6.1 Medium |
| A reflected XSS vulnerability was discovered in the LivingWord component for Joomla. | ||||
| CVE-2023-40624 | 1 Sap | 1 Netweaver Application Server Abap | 2024-11-21 | 5.5 Medium |
| SAP NetWeaver AS ABAP (applications based on Unified Rendering) - versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758, SAP_BASIS 702, SAP_BASIS 731, allows an attacker to inject JavaScript code that can be executed in the web-application. An attacker could thereby control the behavior of this web-application. | ||||
| CVE-2023-40618 | 1 Openknowledgemaps | 1 Head Start | 2024-11-21 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability in OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 as well as Visual Project Explorer 1.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'service' parameter in 'headstart_snapshot.php'. | ||||
| CVE-2023-40617 | 1 Openknowledgemaps | 1 Head Start | 2024-11-21 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability in OpenKnowledgeMaps Head Start 7 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'file' parameter in 'displayPDF.php'. | ||||
| CVE-2023-40605 | 1 93digital | 1 Typing Effect | 2024-11-21 | 6.5 Medium |
| Auth. (contributor) Cross-Site Scripting (XSS) vulnerability in 93digital Typing Effect plugin <= 1.3.6 versions. | ||||
| CVE-2023-40604 | 1 Jesmadsen | 1 Cookies By Jm | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jes Madsen Cookies by JM plugin <= 1.0 versions. | ||||
| CVE-2023-40601 | 1 Estatik | 1 Estatik Mortgage Calculator | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Estatik Estatik Mortgage Calculator plugin <= 2.0.7 versions. | ||||
| CVE-2023-40560 | 1 Toolstack | 1 Schedule Posts Calendar | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Greg Ross Schedule Posts Calendar plugin <= 5.2 versions. | ||||
| CVE-2023-40554 | 1 Adenion | 1 Blog2social | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Blog2Social, Adenion Blog2Social: Social Media Auto Post & Scheduler plugin <= 7.2.0 versions. | ||||
| CVE-2023-40553 | 1 Plausible | 1 Plausible Analytics | 2024-11-21 | 5.8 Medium |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Plausible.Io Plausible Analytics plugin <= 1.3.3 versions. | ||||
| CVE-2023-40552 | 1 Codeinitiator | 1 Fitness Calculators Plugin | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gurcharan Singh Fitness calculators plugin plugin <= 2.0.7 versions. | ||||
| CVE-2023-40535 | 1 I-pro | 1 Video Insight | 2024-11-21 | 5.4 Medium |
| Stored cross-site scripting vulnerability in View setting page of VI Web Client prior to 7.9.6 allows a remote authenticated attacker to inject an arbitrary script. | ||||
| CVE-2023-40519 | 1 Broadpeak | 1 Centralized Accounts Management Auth Agent | 2024-11-21 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in the bpk-common/auth/login/index.html login portal in Broadpeak Centralized Accounts Management Auth Agent 01.01.00.19219575_ee9195b0, 01.01.01.30097902_fd999e76, and 00.12.01.9565588_1254b459 allows remote attackers to inject arbitrary web script or HTML via the disconnectMessage parameter. | ||||
| CVE-2023-40367 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-11-21 | 5.4 Medium |
| IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 263376. | ||||