Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45952 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2023-44276 1 Opnsense 1 Opnsense 2024-11-21 5.4 Medium
OPNsense before 23.7.5 allows XSS via the index.php sequence parameter to the Lobby Dashboard.
CVE-2023-44275 1 Opnsense 1 Opnsense 2024-11-21 5.4 Medium
OPNsense before 23.7.5 allows XSS via the index.php column_count parameter to the Lobby Dashboard.
CVE-2023-44272 1 Citadel 1 Citadel 2024-11-21 5.4 Medium
A cross-site scripting vulnerability exists in Citadel versions prior to 994. When a malicious user sends an instant message with some JavaScript code, the script may be executed on the web browser of the victim user.
CVE-2023-44265 1 Gopiplus 1 Popup Contact Form 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact form plugin <= 7.1 versions.
CVE-2023-44264 1 Arrowplugins 1 The Awesome Feed 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Arrow Plugins The Awesome Feed – Custom Feed plugin <= 2.2.5 versions.
CVE-2023-44263 1 Riyaz 1 Social Metrics 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Riyaz Social Metrics plugin <= 2.2 versions.
CVE-2023-44262 1 Renzojohnson 1 Blocks 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Renzo Johnson Blocks plugin <= 1.6.41 versions.
CVE-2023-44245 1 Leaptodigital 1 Contact Form Website To Workflow Tool 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Leap Contractor Contact Form Website to Workflow Tool plugin <= 4.0.0 versions.
CVE-2023-44244 1 Fooplugins 1 Foogallery 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FooPlugins FooGallery plugin <= 2.2.44 versions.
CVE-2023-44242 1 2joomla 1 2j Slideshow 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in 2J Slideshow Team Slideshow, Image Slider by 2J plugin <= 1.3.54 versions.
CVE-2023-44239 1 Walkswithme 1 Social Share On Image Hover 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jobin Jose WWM Social Share On Image Hover plugin <= 2.2 versions.
CVE-2023-44230 1 Gopiplus 1 Popup Contact Form 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact form plugin <= 7.1 versions.
CVE-2023-44229 1 Gopiplus 1 Tiny Carosel Horizontal Slider 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Tiny Carousel Horizontal Slider plugin <= 8.1 versions.
CVE-2023-44228 1 Gopiplus 1 Onclick Show Popup 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Onclick show popup plugin <= 8.1 versions.
CVE-2023-44207 3 Acronis, Linux, Microsoft 3 Cyber Protect, Linux Kernel, Windows 2024-11-21 5.4 Medium
Stored cross-site scripting (XSS) vulnerability in protection plan name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
CVE-2023-44174 1 Projectworlds 1 Online Movie Ticket Booking System 2024-11-21 6.4 Medium
Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Stored Cross-Site Scripting vulnerability.
CVE-2023-44173 1 Projectworlds 1 Online Movie Ticket Booking System 2024-11-21 5.4 Medium
Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Reflected Cross-Site Scripting vulnerability.
CVE-2023-44145 1 Jesweb 1 Anchor Episodes Index \(spotify For Podcasters\) 2024-11-21 6.5 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in jesweb.Dev Anchor Episodes Index (Spotify for Podcasters) plugin <= 2.1.7 versions.
CVE-2023-44144 1 Dreamfoxmedia 1 Payment Gateway Per Product For Woocommerce 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dreamfox Payment gateway per Product for WooCommerce plugin <= 3.2.7 versions.
CVE-2023-44089 1 Pandorafms 1 Pandora Fms 2024-11-21 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). It was possible to execute malicious JS code on Visual Consoles. This issue affects Pandora FMS: from 700 through 774.