Export limit exceeded: 45420 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45420 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-39921 | 1 Amitzy | 1 Molongui | 2024-11-21 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Molongui Author Box, Guest Author and Co-Authors for Your Posts – Molongui allows Stored XSS.This issue affects Author Box, Guest Author and Co-Authors for Your Posts – Molongui: from n/a through 4.6.19. | ||||
| CVE-2023-39919 | 1 Maennchen1 | 1 Wpshopgermany - Protected Shops | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in maennchen1.De wpShopGermany – Protected Shops plugin <= 2.0 versions. | ||||
| CVE-2023-39918 | 1 Saasproject | 1 Booking Package | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in SAASPROJECT Booking Package Booking Package plugin <= 1.6.01 versions. | ||||
| CVE-2023-39808 | 1 Nvki | 1 Intelligent Broadband Subscriber Gateway | 2024-11-21 | 9.8 Critical |
| N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service. | ||||
| CVE-2023-39777 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter. | ||||
| CVE-2023-39714 | 1 Free And Open Source Inventory Management System Project | 1 Free And Open Source Inventory Management System | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Member section. | ||||
| CVE-2023-39712 | 1 Free And Open Source Inventory Management System Project | 1 Free And Open Source Inventory Management System | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Put section. | ||||
| CVE-2023-39711 | 1 Free And Open Source Inventory Management System Project | 1 Free And Open Source Inventory Management System | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Subtotal and Paidbill parameters under the Add New Put section. | ||||
| CVE-2023-39710 | 1 Free And Open Source Inventory Management System Project | 1 Free And Open Source Inventory Management System | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Customer section. | ||||
| CVE-2023-39709 | 1 Free And Open Source Inventory Management System Project | 1 Free And Open Source Inventory Management System | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Member section. | ||||
| CVE-2023-39708 | 1 Free And Open Source Inventory Management System Project | 1 Free And Open Source Inventory Management System | 2024-11-21 | 6.1 Medium |
| A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add New parameter under the New Buy section. | ||||
| CVE-2023-39707 | 1 Free And Open Source Inventory Management System Project | 1 Free And Open Source Inventory Management System | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add Expense parameter under the Expense section. | ||||
| CVE-2023-39703 | 1 Typora | 1 Typora | 2024-11-21 | 6.1 Medium |
| A cross site scripting (XSS) vulnerability in the Markdown Editor component of Typora v1.6.7 allows attackers to execute arbitrary code via uploading a crafted Markdown file. | ||||
| CVE-2023-39700 | 1 Icewarp | 1 Mail Server | 2024-11-21 | 6.1 Medium |
| IceWarp Mail Server v10.4.5 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the color parameter. | ||||
| CVE-2023-39678 | 1 Bdcom | 3 Olt P3310d-2ac, P3310d-2ac, P3310d-2ac Firmware | 2024-11-21 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in the device web interface (Log Query page) of BDCOM OLT P3310D-2AC 10.1.0F Build 69083 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter. | ||||
| CVE-2023-39676 | 1 Fieldthemes | 1 Fieldpopupnewsletter | 2024-11-21 | 6.1 Medium |
| FieldPopupNewsletter Prestashop Module v1.0.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the callback parameter at ajax.php. | ||||
| CVE-2023-39600 | 1 Icewarp | 1 Icewarp | 2024-11-21 | 6.1 Medium |
| IceWarp 11.4.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the color parameter. | ||||
| CVE-2023-39598 | 1 Icewarp | 1 Webclient | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting vulnerability in IceWarp Corporation WebClient v.10.2.1 allows a remote attacker to execute arbitrary code via a crafted payload to the mid parameter. | ||||
| CVE-2023-39578 | 1 Tribalsystems | 1 Zenario | 2024-11-21 | 4.8 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Create function of Zenario CMS v9.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Menu navigation text field. | ||||
| CVE-2023-39575 | 1 Isl | 1 Arp-guard | 2024-11-21 | 5.4 Medium |
| A reflected cross-site scripting (XSS) vulnerability in the url_str URL parameter of ISL ARP Guard v4.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||