Export limit exceeded: 350687 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45922 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45922 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-3831 | 1 Bugfinder | 1 Finounce | 2024-11-21 | 3.5 Low |
| A vulnerability was found in Bug Finder Finounce 1.0 and classified as problematic. This issue affects some unknown processing of the file /user/ticket/create of the component Ticket Handler. The manipulation of the argument message leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-235157 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3830 | 1 Bugfinder | 1 Sass Biller | 2024-11-21 | 3.5 Low |
| A vulnerability was found in Bug Finder SASS BILLER 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /company/store. The manipulation of the argument name leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-235151. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3828 | 1 Bugfinder | 1 Listplace Directory Listing Platform | 2024-11-21 | 3.5 Low |
| A vulnerability was found in Bug Finder Listplace Directory Listing Platform 3.0. It has been classified as problematic. This affects an unknown part of the file /listplace/user/coverPhotoUpdate of the component Photo Handler. The manipulation of the argument user_cover_photo leads to cross site scripting. It is possible to initiate the attack remotely. The identifier VDB-235149 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3827 | 1 Bugfinder | 1 Listplace Directory Listing Platform | 2024-11-21 | 3.5 Low |
| A vulnerability was found in Bug Finder Listplace Directory Listing Platform 3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /listplace/user/ticket/create of the component HTTP POST Request Handler. The manipulation of the argument message leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-235148. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3822 | 1 Pimcore | 1 Pimcore | 2024-11-21 | 6.1 Medium |
| Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.6.4. | ||||
| CVE-2023-3821 | 1 Pimcore | 1 Pimcore | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.6.4. | ||||
| CVE-2023-3815 | 1 Ruoyi | 1 Ruoyi | 2024-11-21 | 3.5 Low |
| A vulnerability, which was classified as problematic, has been found in y_project RuoYi up to 4.7.7. Affected by this issue is the function uploadFilesPath of the component File Upload. The manipulation of the argument originalFilenames leads to cross site scripting. The attack may be launched remotely. VDB-235118 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-3794 | 1 Bugfinder | 1 Chaincity | 2024-11-21 | 3.5 Low |
| A vulnerability classified as problematic has been found in Bug Finder ChainCity Real Estate Investment Platform 1.0. Affected is an unknown function of the file /chaincity/user/ticket/create of the component New Ticket Handler. The manipulation of the argument subject leads to cross site scripting. It is possible to launch the attack remotely. VDB-235062 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3790 | 1 Uxblondon | 1 Boom Cms | 2024-11-21 | 3.5 Low |
| A vulnerability has been found in Boom CMS 8.0.7 and classified as problematic. Affected by this vulnerability is the function add of the component assets-manager. The manipulation of the argument title/description leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-235057 was assigned to this vulnerability. | ||||
| CVE-2023-3789 | 1 Paulprinting Project | 1 Paulprinting | 2024-11-21 | 3.5 Low |
| A vulnerability, which was classified as problematic, was found in PaulPrinting CMS 2018. Affected is an unknown function of the file /account/delivery of the component Search. The manipulation of the argument s leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235056. | ||||
| CVE-2023-3788 | 1 Activeitzone | 1 Active Super Shop | 2024-11-21 | 3.5 Low |
| A vulnerability, which was classified as problematic, has been found in ActiveITzone Active Super Shop CMS 2.5. This issue affects some unknown processing of the component Manage Details Page. The manipulation of the argument name/phone/address leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235055. | ||||
| CVE-2023-3785 | 1 Paulprinting Project | 1 Paulprinting | 2024-11-21 | 3.5 Low |
| A vulnerability was found in PaulPrinting CMS 2018. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument firstname/lastname/address/city/state leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235052. | ||||
| CVE-2023-3784 | 1 Wifi File Explorer Project | 1 Wifi File Explorer | 2024-11-21 | 3.5 Low |
| A vulnerability was found in Dooblou WiFi File Explorer 1.13.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument search/order/download/mode leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235051. | ||||
| CVE-2023-3783 | 1 Webile Wifi Pc File Transfer Project | 1 Webile Wifi Pc File Transfer | 2024-11-21 | 3.5 Low |
| A vulnerability was found in Webile 1.0.1. It has been classified as problematic. Affected is an unknown function of the component HTTP POST Request Handler. The manipulation of the argument new_file_name/c leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-235050 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-3756 | 1 Creativeitem | 1 Atlas | 2024-11-21 | 3.5 Low |
| A vulnerability was found in Creativeitem Atlas Business Directory Listing 2.13 and classified as problematic. Affected by this issue is some unknown functionality of the file /home/search. The manipulation of the argument search_string leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-234428. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3755 | 1 Creativeitem | 1 Atlas | 2024-11-21 | 3.5 Low |
| A vulnerability has been found in Creativeitem Atlas Business Directory Listing 2.13 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /home/filter_listings. The manipulation of the argument price-range leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-234427. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3754 | 1 Creativeitem | 1 Ekushey Project Manager | 2024-11-21 | 3.5 Low |
| A vulnerability, which was classified as problematic, was found in Creativeitem Ekushey Project Manager CRM 5.0. Affected is an unknown function of the file /index.php/client/message/message_read/xxxxxxxx[random-msg-hash]. The manipulation of the argument message leads to cross site scripting. It is possible to launch the attack remotely. VDB-234426 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3753 | 1 Creativeitem | 1 Mastery Lms | 2024-11-21 | 3.5 Low |
| A vulnerability classified as problematic has been found in Creativeitem Mastery LMS 1.2. This affects an unknown part of the file /browse. The manipulation of the argument search/featured/recommended/skill leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-234423. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3752 | 1 Creativeitem | 1 Academy Lms | 2024-11-21 | 3.5 Low |
| A vulnerability was found in Creativeitem Academy LMS 5.15. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /home/courses. The manipulation of the argument sort_by leads to cross site scripting. The attack may be launched remotely. VDB-234422 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3691 | 1 Layui | 1 Layui | 2024-11-21 | 3.5 Low |
| A vulnerability, which was classified as problematic, was found in layui up to v2.8.0-rc.16. This affects an unknown part of the component HTML Attribute Handler. The manipulation of the argument title leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 2.8.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-234237 was assigned to this vulnerability. | ||||