Export limit exceeded: 44785 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44785 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-44317 | 1 Phpgurukul | 1 Bus Pass Management System | 2024-11-21 | 5.4 Medium |
| In Bus Pass Management System v1.0, parameters 'pagedes' and `About Us` are affected with a Stored Cross-site scripting vulnerability. | ||||
| CVE-2021-44310 | 1 Firmware Analysis And Comparison Tool Project | 1 Firmware Analysis And Comparison Tool | 2024-11-21 | 4.8 Medium |
| An issue was discovered in Firmware Analysis and Comparison Tool v3.2. With administrator privileges, the attacker could perform stored XSS attacks by inserting JavaScript and HTML code in user creation functionality. | ||||
| CVE-2021-44299 | 1 Naviwebs | 1 Navigate Cms | 2024-11-21 | 5.4 Medium |
| A reflected cross-site scripting (XSS) vulnerability in \lib\packages\themes\themes.php of Navigate CMS v2.9.4 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2021-44279 | 1 Librenms | 1 Librenms | 2024-11-21 | 6.1 Medium |
| Librenms 21.11.0 is affected by a Cross Site Scripting (XSS) vulnerability in includes/html/forms/poller-groups.inc.php. | ||||
| CVE-2021-44277 | 1 Librenms | 1 Librenms | 2024-11-21 | 6.1 Medium |
| Librenms 21.11.0 is affected by a Cross Site Scripting (XSS) vulnerability in includes/html/common/alert-log.inc.php. | ||||
| CVE-2021-44266 | 1 Gunet | 1 Open Eclass Platform | 2024-11-21 | 6.1 Medium |
| GUnet Open eClass (aka openeclass) before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter. | ||||
| CVE-2021-44263 | 1 Gurock | 1 Testrail | 2024-11-21 | 5.4 Medium |
| Gurock TestRail before 7.2.4 mishandles HTML escaping. | ||||
| CVE-2021-44217 | 1 Ericsson | 1 Codechecker | 2024-11-21 | 6.1 Medium |
| In Ericsson CodeChecker through 6.18.0, a Stored Cross-site scripting (XSS) vulnerability in the comments component of the reports viewer allows remote attackers to inject arbitrary web script or HTML via the POST JSON data of the /CodeCheckerService API. | ||||
| CVE-2021-44213 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | 6.1 Medium |
| OX App Suite through 7.10.5 allows XSS via uuencoding in a multipart/alternative message. | ||||
| CVE-2021-44212 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | 6.1 Medium |
| OX App Suite through 7.10.5 allows XSS via a trailing control character such as the SCRIPT\t substring. | ||||
| CVE-2021-44211 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | 5.4 Medium |
| OX App Suite through 7.10.5 allows XSS via the class attribute of an element in an HTML e-mail signature. | ||||
| CVE-2021-44210 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | 6.1 Medium |
| OX App Suite through 7.10.5 allows XSS via NIFF (Notation Interchange File Format) data. | ||||
| CVE-2021-44209 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | 6.1 Medium |
| OX App Suite through 7.10.5 allows XSS via an HTML 5 element such as AUDIO. | ||||
| CVE-2021-44208 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | 6.1 Medium |
| OX App Suite through 7.10.5 allows XSS via an unknown system message in Chat. | ||||
| CVE-2021-44203 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2024-11-21 | 5.4 Medium |
| Stored cross-site scripting (XSS) was possible in protection plan details. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035 | ||||
| CVE-2021-44202 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2024-11-21 | 5.4 Medium |
| Stored cross-site scripting (XSS) was possible in activity details. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035 | ||||
| CVE-2021-44201 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) was possible in notification pop-ups. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035 | ||||
| CVE-2021-44200 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2024-11-21 | 5.4 Medium |
| Self cross-site scripting (XSS) was possible on devices page. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035 | ||||
| CVE-2021-44178 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2024-11-21 | 5.4 Medium |
| AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a reflected Cross-Site Scripting (XSS) vulnerability via the itemResourceType parameter. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser | ||||
| CVE-2021-44177 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2024-11-21 | 8.1 High |
| AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | ||||