Export limit exceeded: 342291 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 44783 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44783 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-43721 | 1 Leanote | 1 Leanote | 2024-11-21 | 6.1 Medium |
| Leanote 2.7.0 is vulnerable to Cross Site Scripting (XSS) in the markdown type note. This leads to remote code execution with payload : <video src=x onerror=(function(){require('child_process').exec('calc');})();> | ||||
| CVE-2021-43712 | 1 Employee Daily Task Management System Project | 1 Employee Daily Task Management System | 2024-11-21 | 5.4 Medium |
| Stored XSS in Add New Employee Form in Sourcecodester Employee Daily Task Management System 1.0 Allows Remote Attacker to Inject/Store Arbitrary Code via the Name Field. | ||||
| CVE-2021-43707 | 1 Maccms | 1 Maccms | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability exists in Maccms v10 via link_Name parameter. | ||||
| CVE-2021-43702 | 1 Asus | 186 4g-ac53u, 4g-ac53u Firmware, 4g-ac68u and 183 more | 2024-11-21 | 9.0 Critical |
| ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device. | ||||
| CVE-2021-43698 | 1 Phpwhois Project | 1 Phpwhois | 2024-11-21 | 6.1 Medium |
| phpWhois (last update Jun 30 2021) is affected by a Cross Site Scripting (XSS) vulnerability. In file example.php, the exit function will terminate the script and print the message to the user. The message will contain $_GET['query'] then there is a XSS vulnerability. | ||||
| CVE-2021-43697 | 1 Workerman-thinkphp-redis Project | 1 Workerman-thinkphp-redis | 2024-11-21 | 6.1 Medium |
| Workerman-ThinkPHP-Redis (last update Mar 16, 2018) is affected by a Cross Site Scripting (XSS) vulnerability. In file Controller.class.php, the exit function will terminate the script and print the message to the user. The message will contain $_GET{C('VAR_JSONP_HANDLER')] then there is a XSS vulnerability. | ||||
| CVE-2021-43696 | 1 Twmap Project | 1 Twmap | 2024-11-21 | 6.1 Medium |
| twmap v2.91_v4.33 is affected by a Cross Site Scripting (XSS) vulnerability. In file list.php, the exit function will terminate the script and print the message to the user. The message will contain $_REQUEST then there is a XSS vulnerability. | ||||
| CVE-2021-43695 | 1 Issabel | 1 Pbx | 2024-11-21 | 6.1 Medium |
| issabelPBX version 2.11 is affected by a Cross Site Scripting (XSS) vulnerability. In file page.backup_restore.php, the exit function will terminate the script and print the message to the user. The message will contain $_REQUEST without sanitization, then there is a XSS vulnerability. | ||||
| CVE-2021-43692 | 1 Youtube-php-mirroring Project | 1 Youtube-php-mirroring | 2024-11-21 | 6.1 Medium |
| youtube-php-mirroring (last update Jun 9, 2017) is affected by a Cross Site Scripting (XSS) vulnerability in file ytproxy/index.php. | ||||
| CVE-2021-43690 | 1 Yurunproxy Project | 1 Yurunproxy | 2024-11-21 | 6.1 Medium |
| YurunProxy v0.01 is affected by a Cross Site Scripting (XSS) vulnerability in src/Client.php. The exit function will terminate the script and print a message which have values from the socket_read. | ||||
| CVE-2021-43689 | 1 Manage Project | 1 Manage | 2024-11-21 | 6.1 Medium |
| manage (last update Oct 24, 2017) is affected by a Cross Site Scripting (XSS) vulnerability in Application/Home/Controller/GoodsController.class.php. The exit function will terminate the script and print a message which have values from $_POST. | ||||
| CVE-2021-43687 | 1 Chamilo | 1 Chamilo | 2024-11-21 | 6.1 Medium |
| chamilo-lms v1.11.14 is affected by a Cross Site Scripting (XSS) vulnerability in /plugin/jcapture/applet.php if an attacker passes a message hex2bin in the cookie. | ||||
| CVE-2021-43686 | 1 Nzedb Project | 1 Nzedb | 2024-11-21 | 6.1 Medium |
| nZEDb v0.4.20 is affected by a Cross Site Scripting (XSS) vulnerability in www/pages/api.php. The exit function will terminate the script and print the message which has the input $_GET['t']. | ||||
| CVE-2021-43683 | 1 Haschek | 1 Pictshare | 2024-11-21 | 6.1 Medium |
| pictshare v1.5 is affected by a Cross Site Scripting (XSS) vulnerability in api/info.php. The exit function will terminate the script and print the message which has $_REQUEST['hash']. | ||||
| CVE-2021-43682 | 1 Thinkphp-bjyblog Project | 1 Thinkphp-bjyblog | 2024-11-21 | 6.1 Medium |
| thinkphp-bjyblog (last update Jun 4 2021) is affected by a Cross Site Scripting (XSS) vulnerability in AdminBaseController.class.php. The exit function terminates the script and prints a message to the user that contains $_SERVER['HTTP_HOST']. | ||||
| CVE-2021-43681 | 1 Zerodream | 1 Sakurapanel | 2024-11-21 | 6.1 Medium |
| SakuraPanel v1.0.1.1 is affected by a Cross Site Scripting (XSS) vulnerability in /master/core/PostHandler.php. The exit function will terminate the script and print the message $data['proxy_name']. | ||||
| CVE-2021-43678 | 1 Wechat-php-sdk Project | 1 Wechat-php-sdk | 2024-11-21 | 6.1 Medium |
| Wechat-php-sdk v1.10.2 is affected by a Cross Site Scripting (XSS) vulnerability in Wechat.php. | ||||
| CVE-2021-43677 | 1 Fluxbb | 1 Fluxbb | 2024-11-21 | 6.1 Medium |
| Fluxbb v1.4.12 is affected by a Cross Site Scripting (XSS) vulnerability. | ||||
| CVE-2021-43675 | 1 Lycheeorg | 1 Lychee | 2024-11-21 | 6.1 Medium |
| Lychee-v3 3.2.16 is affected by a Cross Site Scripting (XSS) vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will contain albumID which is controlled by the user. | ||||
| CVE-2021-43673 | 1 Dzzoffice | 1 Dzzoffice | 2024-11-21 | 6.1 Medium |
| dzzoffice 2.02.1_SC_UTF8 is affected by a Cross Site Scripting (XSS) vulnerability in explorerfile.php. The output of the exit function is printed for the user via exit(json_encode($return)). | ||||