Export limit exceeded: 45922 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45922 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-3685 | 1 Nesote | 1 Inout Search Engine Ai Edition | 2024-11-21 | 3.5 Low |
| A vulnerability was found in Nesote Inout Search Engine AI Edition 1.1. It has been classified as problematic. This affects an unknown part of the file /index.php. The manipulation of the argument page leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-234231. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3683 | 1 Livelyworks | 1 Articart | 2024-11-21 | 3.5 Low |
| A vulnerability has been found in LivelyWorks Articart 2.0.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /items/search. The manipulation of the argument search_term leads to cross site scripting. The attack can be launched remotely. The identifier VDB-234229 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3681 | 1 Retro Cellphone Online Store Project | 1 Retro Cellphone Online Store | 2024-11-21 | 3.5 Low |
| A vulnerability classified as problematic was found in Campcodes Retro Cellphone Online Store 1.0. This vulnerability affects unknown code of the file /admin/modal_add_product.php. The manipulation of the argument description leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-234226 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-3672 | 1 Plaidweb | 1 Webmention.js | 2024-11-21 | 6.1 Medium |
| Cross-site Scripting (XSS) - DOM in GitHub repository plaidweb/webmention.js prior to 0.5.5. | ||||
| CVE-2023-3660 | 1 Retro Cellphone Online Store Project | 1 Retro Cellphone Online Store | 2024-11-21 | 2.4 Low |
| A vulnerability was found in Campcodes Retro Cellphone Online Store 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/add_user_modal.php. The manipulation of the argument un leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-234014 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-3659 | 1 Oretnom23 | 1 Ac Repair And Services System | 2024-11-21 | 3.5 Low |
| A vulnerability has been found in SourceCodester AC Repair and Services System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file admin/?page=user/manage_user. The manipulation of the argument firstname/middlename leads to cross site scripting. The attack can be launched remotely. The identifier VDB-234013 was assigned to this vulnerability. | ||||
| CVE-2023-3653 | 1 Digital-ant | 1 Digital Ant | 2024-11-21 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Digital Ant E-Commerce Software allows Stored XSS.This issue affects E-Commerce Software: before 11. | ||||
| CVE-2023-3642 | 1 Gzscripts | 1 Vacation Rental Website | 2024-11-21 | 4.3 Medium |
| A vulnerability was found in GZ Scripts Vacation Rental Website 1.8 and classified as problematic. Affected by this issue is some unknown functionality of the file /VacationRentalWebsite/property/8/ad-has-principes/ of the component HTTP POST Request Handler. The manipulation of the argument username/title/comment leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-233888. | ||||
| CVE-2023-3641 | 1 Nodcms | 1 Nodcms | 2024-11-21 | 4.3 Medium |
| A vulnerability has been found in khodakhah NodCMS 3.4.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /en/blog-comment-4 of the component POST Request Handler. The manipulation of the argument comment_name/comment_content leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-233887. | ||||
| CVE-2023-3620 | 1 Tarteaucitron | 1 Tarteaucitron | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository amauric/tarteaucitron.js prior to v1.13.1. | ||||
| CVE-2023-3588 | 1 3ds | 1 Teamwork Cloud No Magic Release | 2024-11-21 | 5.4 Medium |
| A stored Cross-site Scripting (XSS) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x allows an attacker to execute arbitrary script code. | ||||
| CVE-2023-3565 | 1 Teampass | 1 Teampass | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - Generic in GitHub repository nilsteampassnet/teampass prior to 3.0.10. | ||||
| CVE-2023-3564 | 1 Gzscripts | 1 Gz Multi Hotel Booking System | 2024-11-21 | 3.5 Low |
| A vulnerability was found in GZ Scripts GZ Multi Hotel Booking System 1.8. It has been classified as problematic. Affected is an unknown function of the file /index.php. The manipulation of the argument adults/children/cal_id leads to cross site scripting. It is possible to launch the attack remotely. VDB-233358 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-3562 | 1 Gzscripts | 1 Php Crm Platform | 2024-11-21 | 3.5 Low |
| A vulnerability has been found in GZ Scripts PHP CRM Platform 1.8 and classified as problematic. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument action leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is VDB-233356. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3561 | 1 Gzscripts | 1 Php Gz Hotel Booking Script | 2024-11-21 | 3.5 Low |
| A vulnerability, which was classified as problematic, was found in GZ Scripts PHP GZ Hotel Booking Script 1.8. This affects an unknown part of the file /load.php. The manipulation of the argument first_name/second_name/phone/address_1/country leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-233355. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3560 | 1 Gzscripts | 1 Ticket Booking Script | 2024-11-21 | 3.5 Low |
| A vulnerability, which was classified as problematic, has been found in GZ Scripts Ticket Booking Script 1.8. Affected by this issue is some unknown functionality of the file /load.php. The manipulation of the argument first_name/second_name/phone/address_1/country leads to cross site scripting. The attack may be launched remotely. VDB-233354 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3559 | 1 Gzscripts | 1 Php Gz Appointment Scheduling Script | 2024-11-21 | 3.5 Low |
| A vulnerability classified as problematic was found in GZ Scripts PHP GZ Appointment Scheduling Script 1.8. Affected by this vulnerability is an unknown functionality of the file /load.php. The manipulation of the argument first_name/second_name/phone/address_1/country leads to cross site scripting. The attack can be launched remotely. The identifier VDB-233353 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3558 | 1 Gzscripts | 1 Event Booking Calendar | 2024-11-21 | 3.5 Low |
| A vulnerability classified as problematic has been found in GZ Scripts Event Booking Calendar 1.8. Affected is an unknown function of the file /load.php. The manipulation of the argument first_name/second_name/phone/address_1/country leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-233352. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3557 | 1 Gzscripts | 1 Property Listing Script | 2024-11-21 | 3.5 Low |
| A vulnerability was found in GZ Scripts Property Listing Script 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /preview.php. The manipulation of the argument page/layout/sort_by leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-233351. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-3556 | 1 Gzscripts | 1 Car Listing Script Php | 2024-11-21 | 3.5 Low |
| A vulnerability was found in GZ Scripts Car Listing Script PHP 1.8. It has been declared as problematic. This vulnerability affects unknown code of the file /preview.php. The manipulation of the argument page/sort_by leads to cross site scripting. The attack can be initiated remotely. VDB-233350 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||