Export limit exceeded: 351070 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45960 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45960 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-47808 | 1 Christinauechi | 1 Add Widgets To Page | 2024-11-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Christina Uechi Add Widgets to Page plugin <= 1.3.2 versions. | ||||
| CVE-2023-47800 | 1 Natus | 2 Neuroworks Eeg, Sleepworks | 2024-11-21 | 9.8 Critical |
| Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL services. | ||||
| CVE-2023-47797 | 1 Liferay | 1 Liferay Portal | 2024-11-21 | 9.6 Critical |
| Reflected cross-site scripting (XSS) vulnerability on a content page’s edit page in Liferay Portal 7.4.3.94 through 7.4.3.95 allows remote attackers to inject arbitrary web script or HTML via the `p_l_back_url_title` parameter. | ||||
| CVE-2023-47790 | 1 Popozure | 1 Pz-linkcard | 2024-11-21 | 7.1 High |
| Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) vulnerability in Poporon Pz-LinkCard plugin <= 2.4.8 versions. | ||||
| CVE-2023-47786 | 1 Layerslider | 1 Layerslider | 2024-11-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LayerSlider plugin <= 7.7.9 versions. | ||||
| CVE-2023-47773 | 1 Yasglobal | 1 Permalinks Customizer | 2024-11-21 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YAS Global Team Permalinks Customizer plugin <= 2.8.2 versions. | ||||
| CVE-2023-47772 | 1 Themepunch | 1 Slider Revolution | 2024-11-21 | 6.5 Medium |
| Contributor+ Stored Cross-Site Scripting (XSS) vulnerability in Slider Revolution <= 6.6.14. | ||||
| CVE-2023-47768 | 1 Diywebmastery | 1 Footer Putter | 2024-11-21 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Russell Jamieson Footer Putter plugin <= 1.17 versions. | ||||
| CVE-2023-47767 | 1 Fla-shop | 1 Interactive World Map | 2024-11-21 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fla-shop.Com Interactive World Map plugin <= 3.2.0 versions. | ||||
| CVE-2023-47766 | 1 Ifeelweb | 1 Post Status Notifier Lite | 2024-11-21 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Timo Reith Post Status Notifier Lite plugin <= 1.11.0 versions. | ||||
| CVE-2023-47755 | 1 Aazztech | 1 Woocommerce Product Carousel Slider | 2024-11-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AazzTech WooCommerce Product Carousel Slider plugin <= 3.3.5 versions. | ||||
| CVE-2023-47707 | 3 Ibm, Linux, Microsoft | 4 Aix, Security Guardium Key Lifecycle Manager, Linux Kernel and 1 more | 2024-11-21 | 5.4 Medium |
| IBM Security Guardium Key Lifecycle Manager 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 271522. | ||||
| CVE-2023-47699 | 1 Ibm | 1 Sterling Secure Proxy | 2024-11-21 | 6.1 Medium |
| IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 270974. | ||||
| CVE-2023-47623 | 1 Clockworkmod | 1 Scrypted | 2024-11-21 | 6.1 Medium |
| Scrypted is a home video integration and automation platform. In versions 0.55.0 and prior, a reflected cross-site scripting vulnerability exists in the login page via the `redirect_uri` parameter. By specifying a url with the javascript scheme (`javascript:`), an attacker can run arbitrary JavaScript code after the login. | ||||
| CVE-2023-47620 | 1 Clockworkmod | 1 Scrypted | 2024-11-21 | 6.1 Medium |
| Scrypted is a home video integration and automation platform. In versions 0.55.0 and prior, a reflected cross-site scripting vulnerability exists in the plugin-http.ts file via the `owner' and 'pkg` parameters. An attacker can run arbitrary JavaScript code. | ||||
| CVE-2023-47575 | 1 Relyum | 4 Rely-pcie, Rely-pcie Firmware, Rely-rec and 1 more | 2024-11-21 | 6.1 Medium |
| An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. The web interfaces of the Relyum devices are susceptible to reflected XSS. | ||||
| CVE-2023-47561 | 1 Qnap | 1 Photo Station | 2024-11-21 | 5.5 Medium |
| A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 ( 2023/12/15 ) and later | ||||
| CVE-2023-47520 | 1 Michaeluno | 1 Responsive Column Widgets | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Michael Uno (miunosoft) Responsive Column Widgets plugin <= 1.2.7 versions. | ||||
| CVE-2023-47518 | 1 Vfbpro | 1 Restrict Categories | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Matthew Muro Restrict Categories plugin <= 2.6.4 versions. | ||||
| CVE-2023-47514 | 1 Star-emea | 1 Star Cloudprnt For Woocommerce | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in lawrenceowen, gcubero, acunnningham, fmahmood Star CloudPRNT for WooCommerce plugin <= 2.0.3 versions. | ||||