Export limit exceeded: 351407 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 351407 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (46001 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-2922 | 1 Comment System Project | 1 Comment System | 2024-11-21 | 3.5 Low |
| A vulnerability classified as problematic has been found in SourceCodester Comment System 1.0. Affected is an unknown function of the file index.php of the component GET Parameter Handler. The manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230076. | ||||
| CVE-2023-3381 | 1 Online School Fees System Project | 1 Online School Fees System | 2024-11-21 | 3.5 Low |
| A vulnerability classified as problematic was found in SourceCodester Online School Fees System 1.0. Affected by this vulnerability is an unknown functionality of the file /paysystem/datatable.php of the component GET Parameter Handler. The manipulation of the argument doj leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-232237 was assigned to this vulnerability. | ||||
| CVE-2023-3474 | 1 Simplephpscripts | 1 Simple Blog | 2024-11-21 | 3.5 Low |
| A vulnerability has been found in SimplePHPscripts Simple Blog 3.2 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. It is recommended to upgrade the affected component. The identifier VDB-232753 was assigned to this vulnerability. | ||||
| CVE-2023-3535 | 1 Simplephpscripts | 1 Faq Script Php | 2024-11-21 | 3.5 Low |
| A vulnerability was found in SimplePHPscripts FAQ Script PHP 2.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-233287. | ||||
| CVE-2023-3563 | 1 Gzscripts | 1 Gz E Learning Platform | 2024-11-21 | 3.5 Low |
| A vulnerability was found in GZ Scripts GZ E Learning Platform 1.8 and classified as problematic. This issue affects some unknown processing of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-233357 was assigned to this vulnerability. | ||||
| CVE-2015-10121 | 1 Beeliked | 1 Beeliked | 2024-11-21 | 3.5 Low |
| A vulnerability has been found in Beeliked Microsite Plugin up to 1.0.1 on WordPress and classified as problematic. Affected by this vulnerability is the function embed_handler of the file beelikedmicrosite.php. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 1.0.2 is able to address this issue. The identifier of the patch is d23bafb5d05fb2636a2b78331f9d3fca152903dc. It is recommended to upgrade the affected component. The identifier VDB-233365 was assigned to this vulnerability. | ||||
| CVE-2023-3853 | 1 Phpscriptpoint | 1 Bloodbank | 2024-11-21 | 3.5 Low |
| A vulnerability was found in phpscriptpoint BloodBank 1.1. It has been rated as problematic. This issue affects some unknown processing of the file page.php. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-235205 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3884 | 1 Campcodes | 1 Beauty Salon Management System | 2024-11-21 | 3.5 Low |
| A vulnerability has been found in Campcodes Beauty Salon Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/edit_product.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-235246 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-6313 | 1 Url Shortener Project | 1 Url Shortener | 2024-11-21 | 3.5 Low |
| A vulnerability was found in SourceCodester URL Shortener 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Long URL Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246139. | ||||
| CVE-2023-6465 | 1 Phpgurukul | 1 Nipah Virus Testing Management System | 2024-11-21 | 4.3 Medium |
| A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as problematic. This affects an unknown part of the file registered-user-testing.php. The manipulation of the argument regmobilenumber leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246615. | ||||
| CVE-2023-6613 | 1 Typecho | 1 Typecho | 2024-11-21 | 2.4 Low |
| A vulnerability classified as problematic has been found in Typecho 1.2.1. Affected is an unknown function of the file /admin/options-theme.php of the component Logo Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-247248. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-6650 | 1 Oretnom23 | 1 Simple Invoice Generator System | 2024-11-21 | 4.3 Medium |
| A vulnerability was found in SourceCodester Simple Invoice Generator System 1.0 and classified as problematic. This issue affects some unknown processing of the file login.php. The manipulation of the argument cashier leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-247343. | ||||
| CVE-2024-47486 | 1 Hikvision | 1 Hikcentral Master | 2024-11-21 | 6.1 Medium |
| There is an XSS vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could inject scripts into certain pages by building malicious data. | ||||
| CVE-2023-4115 | 1 Phpjabbers | 1 Cleaning Business Software | 2024-11-21 | 4.3 Medium |
| A vulnerability classified as problematic has been found in PHP Jabbers Cleaning Business 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument index leads to cross site scripting. It is possible to launch the attack remotely. VDB-235962 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-4382 | 1 Tdevs | 1 Hyip Rio | 2024-11-21 | 3.5 Low |
| A vulnerability, which was classified as problematic, has been found in tdevs Hyip Rio 2.1. Affected by this issue is some unknown functionality of the file /user/settings of the component Profile Settings. The manipulation of the argument avatar leads to cross site scripting. The attack may be launched remotely. VDB-237314 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-36623 | 1 Loxone | 2 Miniserver Go Gen 2, Miniserver Go Gen 2 Firmware | 2024-11-21 | 7.8 High |
| The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded secrets and the MAC address. This allows a local user to calculate the root password and escalate privileges. | ||||
| CVE-2023-34338 | 1 Ami | 1 Megarac Sp-x | 2024-11-21 | 7.1 High |
| AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability. | ||||
| CVE-2023-34473 | 1 Ami | 1 Megarac Sp-x | 2024-11-21 | 6.6 Medium |
| AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability. | ||||
| CVE-2023-6767 | 1 Remyandrade | 1 Wedding Guest E-book | 2024-11-21 | 4.3 Medium |
| A vulnerability, which was classified as problematic, was found in SourceCodester Wedding Guest e-Book 1.0. This affects an unknown part of the file /endpoint/add-guest.php. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-247899. | ||||
| CVE-2023-6945 | 1 Mayurik | 1 Online Student Management System | 2024-11-21 | 2.4 Low |
| A vulnerability has been found in SourceCodester Online Student Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file edit-student-detail.php. The manipulation of the argument notmsg leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248377 was assigned to this vulnerability. | ||||