Export limit exceeded: 45347 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45347 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-31299 | 1 Sesami | 1 Cash Point \& Transport Optimizer | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code via the Barcode field of a container. | ||||
| CVE-2023-31298 | 1 Sesami | 1 Cash Point \& Transport Optimizer | 2024-11-21 | 4.8 Medium |
| Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the User ID field when creating a new system user. | ||||
| CVE-2023-31297 | 1 Sesami | 1 Cash Point \& Transport Optimizer | 2024-11-21 | 4.8 Medium |
| An issue was discovered in SESAMI planfocus CPTO (Cash Point & Transport Optimizer) 6.3.8.6 718. There is XSS via the Name field when modifying a client. | ||||
| CVE-2023-31236 | 1 Unfocus | 1 Scripts N Styles | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in unFocus Projects Scripts n Styles plugin <= 3.5.7 versions. | ||||
| CVE-2023-31232 | 1 Artiss | 1 Plugins List | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Artiss Plugins List plugin <= 2.5 versions. | ||||
| CVE-2023-31221 | 1 Ransomchristofferson | 1 Pdq Csv | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ransom Christofferson PDQ CSV plugin <= 1.0.0 versions. | ||||
| CVE-2023-31218 | 1 Pluginus | 1 Wolf - Wordpress Posts Bulk Editor And Products Manager Professional | 2024-11-21 | 7.1 High |
| Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.6 versions. | ||||
| CVE-2023-31217 | 1 User Location And Ip Project | 1 User Location And Ip | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in MyTechTalky User Location and IP plugin <= 1.6 versions. | ||||
| CVE-2023-31213 | 1 Wpbakery | 1 Page Builder | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WPBakery Page Builder plugin <= 6.13.0 versions. | ||||
| CVE-2023-31177 | 1 Selinc | 2 Sel-451, Sel-451 Firmware | 2024-11-21 | 4.3 Medium |
| An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in the Schweitzer Engineering Laboratories SEL-451 could allow an attacker to craft a link that could execute arbitrary code on a victim's system. See product Instruction Manual Appendix A dated 20230830 for more details. | ||||
| CVE-2023-31173 | 3 Microsoft, Schweitzer Engineering Laboratories, Selinc | 3 Windows, Sel-5033 Acselerator Rtac Software, Sel-5037 Sel Grid Configurator | 2024-11-21 | 7.7 High |
| Use of Hard-coded Credentials vulnerability in Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator on Windows allows Authentication Bypass. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20. | ||||
| CVE-2023-31172 | 1 Selinc | 1 Sel-5030 Acselerator Quickset | 2024-11-21 | 5.9 Medium |
| An Incomplete Filtering of Special Elements vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5030 acSELerator QuickSet Software: through 7.1.3.0. | ||||
| CVE-2023-31091 | 1 Pradeepsinghweb | 1 Dynamically Register Sidebars | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pradeep Singh Dynamically Register Sidebars plugin <= 1.0.1 versions. | ||||
| CVE-2023-31079 | 1 Thechrisroberts | 1 Tippy | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Chris Roberts Tippy plugin <= 6.2.1 versions. | ||||
| CVE-2023-31076 | 1 Really-simple-plugins | 1 Recipe Maker For Your Food Blog From Zip Recipes | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.0.6 versions. | ||||
| CVE-2023-31074 | 1 Hupe13 | 1 Extensions For Leaflet Map | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in hupe13 Extensions for Leaflet Map plugin <= 3.4.1 versions. | ||||
| CVE-2023-31072 | 1 Praveengoswami | 1 Advanced Category Template | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Praveen Goswami Advanced Category Template plugin <= 0.1 versions. | ||||
| CVE-2023-31071 | 1 Ylefebvre | 1 Modal Dialog | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Yannick Lefebvre Modal Dialog plugin <= 3.5.14 versions. | ||||
| CVE-2023-30963 | 1 Palantir | 1 Foundry Frontend | 2024-11-21 | 5.4 Medium |
| A security defect was discovered in Foundry Frontend which enabled users to perform Stored XSS attacks in Slate if Foundry's CSP were to be bypassed. This defect was resolved with the release of Foundry Frontend 6.229.0. The service was rolled out to all affected Foundry instances. No further intervention is required. | ||||
| CVE-2023-30962 | 1 Palantir | 1 Gotham Cerberus | 2024-11-21 | 6.8 Medium |
| The Gotham Cerberus service was found to have a stored cross-site scripting (XSS) vulnerability that could have allowed an attacker with access to Gotham to launch attacks against other users. This vulnerability is resolved in Cerberus 100.230704.0-27-g031dd58 . | ||||