Export limit exceeded: 350887 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 350887 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45953 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45953 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-44286 | 1 Dell | 12 Apex Protection Storage, Dd3300, Dd6400 and 9 more | 2024-11-21 | 8.8 High |
| Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a DOM-based Cross-Site Scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the injection of malicious HTML or JavaScript code to a victim user's DOM environment in the browser. . Exploitation may lead to information disclosure, session theft, or client-side request forgery. | ||||
| CVE-2023-44276 | 1 Opnsense | 1 Opnsense | 2024-11-21 | 5.4 Medium |
| OPNsense before 23.7.5 allows XSS via the index.php sequence parameter to the Lobby Dashboard. | ||||
| CVE-2023-44275 | 1 Opnsense | 1 Opnsense | 2024-11-21 | 5.4 Medium |
| OPNsense before 23.7.5 allows XSS via the index.php column_count parameter to the Lobby Dashboard. | ||||
| CVE-2023-44272 | 1 Citadel | 1 Citadel | 2024-11-21 | 5.4 Medium |
| A cross-site scripting vulnerability exists in Citadel versions prior to 994. When a malicious user sends an instant message with some JavaScript code, the script may be executed on the web browser of the victim user. | ||||
| CVE-2023-44265 | 1 Gopiplus | 1 Popup Contact Form | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact form plugin <= 7.1 versions. | ||||
| CVE-2023-44264 | 1 Arrowplugins | 1 The Awesome Feed | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Arrow Plugins The Awesome Feed – Custom Feed plugin <= 2.2.5 versions. | ||||
| CVE-2023-44263 | 1 Riyaz | 1 Social Metrics | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Riyaz Social Metrics plugin <= 2.2 versions. | ||||
| CVE-2023-44262 | 1 Renzojohnson | 1 Blocks | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Renzo Johnson Blocks plugin <= 1.6.41 versions. | ||||
| CVE-2023-44245 | 1 Leaptodigital | 1 Contact Form Website To Workflow Tool | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Leap Contractor Contact Form Website to Workflow Tool plugin <= 4.0.0 versions. | ||||
| CVE-2023-44244 | 1 Fooplugins | 1 Foogallery | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FooPlugins FooGallery plugin <= 2.2.44 versions. | ||||
| CVE-2023-44242 | 1 2joomla | 1 2j Slideshow | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in 2J Slideshow Team Slideshow, Image Slider by 2J plugin <= 1.3.54 versions. | ||||
| CVE-2023-44239 | 1 Walkswithme | 1 Social Share On Image Hover | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jobin Jose WWM Social Share On Image Hover plugin <= 2.2 versions. | ||||
| CVE-2023-44230 | 1 Gopiplus | 1 Popup Contact Form | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact form plugin <= 7.1 versions. | ||||
| CVE-2023-44229 | 1 Gopiplus | 1 Tiny Carosel Horizontal Slider | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Tiny Carousel Horizontal Slider plugin <= 8.1 versions. | ||||
| CVE-2023-44228 | 1 Gopiplus | 1 Onclick Show Popup | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Onclick show popup plugin <= 8.1 versions. | ||||
| CVE-2023-44207 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2024-11-21 | 5.4 Medium |
| Stored cross-site scripting (XSS) vulnerability in protection plan name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. | ||||
| CVE-2023-44174 | 1 Projectworlds | 1 Online Movie Ticket Booking System | 2024-11-21 | 6.4 Medium |
| Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Stored Cross-Site Scripting vulnerability. | ||||
| CVE-2023-44173 | 1 Projectworlds | 1 Online Movie Ticket Booking System | 2024-11-21 | 5.4 Medium |
| Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Reflected Cross-Site Scripting vulnerability. | ||||
| CVE-2023-44145 | 1 Jesweb | 1 Anchor Episodes Index \(spotify For Podcasters\) | 2024-11-21 | 6.5 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in jesweb.Dev Anchor Episodes Index (Spotify for Podcasters) plugin <= 2.1.7 versions. | ||||
| CVE-2023-44144 | 1 Dreamfoxmedia | 1 Payment Gateway Per Product For Woocommerce | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dreamfox Payment gateway per Product for WooCommerce plugin <= 3.2.7 versions. | ||||