Export limit exceeded: 350819 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 350819 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45941 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45941 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-3034 | 1 Bund | 1 Bkg Professional Ntripcaster | 2024-11-21 | 4.7 Medium |
| Reflected XSS affects the ‘mode’ parameter in the /admin functionality of the web application in versions <=2.0.44 | ||||
| CVE-2023-3016 | 1 Vip Video Analysis Project | 1 Vip Video Analysis | 2024-11-21 | 3.5 Low |
| A vulnerability was found in yiwent Vip Video Analysis 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file admin/admincore.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230360. | ||||
| CVE-2023-3014 | 1 Beipyvideoresolution Project | 1 Beipyvideoresolution | 2024-11-21 | 3.5 Low |
| A vulnerability, which was classified as problematic, was found in BeipyVideoResolution up to 2.6. Affected is an unknown function of the file admin/admincore.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-230358 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-3005 | 1 Local Service Search Engine Management System Project | 1 Local Service Search Engine Management System | 2024-11-21 | 3.5 Low |
| A vulnerability, which was classified as problematic, was found in SourceCodester Local Service Search Engine Management System 1.0. This affects an unknown part of the file /admin/ajax.php?action=save_area of the component POST Parameter Handler. The manipulation of the argument area with the input <script>alert(document.cookie)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-230349 was assigned to this vulnerability. | ||||
| CVE-2023-39991 | 1 Blindsidenetworks | 1 Bigbluebutton | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Blindside Networks BigBlueButton plugin <= 3.0.0-beta.4 versions. | ||||
| CVE-2023-39988 | 1 Tencent | 1 Wxsync | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in 标准云(std.Cloud) WxSync plugin <= 2.7.23 versions. | ||||
| CVE-2023-39987 | 1 Joomlaserviceprovider | 1 Wsecure | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ajay Lulia wSecure Lite plugin <= 2.5 versions. | ||||
| CVE-2023-39982 | 1 Moxa | 1 Mxsecurity | 2024-11-21 | 7.5 High |
| A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications at risk on the affected device. This vulnerability is attributed to a hard-coded SSH host key, which might facilitate man-in-the-middle attacks and enable the decryption of SSH traffic. | ||||
| CVE-2023-39971 | 1 Acymailing | 1 Acymailing | 2024-11-21 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation vulnerability in AcyMailing Enterprise component for Joomla allows XSS. This issue affects AcyMailing Enterprise component for Joomla: 6.7.0-8.6.3. | ||||
| CVE-2023-39955 | 1 Nextcloud | 1 Notes | 2024-11-21 | 3.5 Low |
| Notes is a note-taking app for Nextcloud, an open-source cloud platform. Starting in version 4.4.0 and prior to version 4.8.0, when creating a note file with HTML, the content is rendered in the preview instead of the file being offered to download. Nextcloud Notes app version 4.8.0 contains a patch for the issue. No known workarounds are available. | ||||
| CVE-2023-39938 | 1 I-pro | 1 Video Insight | 2024-11-21 | 6.1 Medium |
| Reflected cross-site scripting vulnerability in VI Web Client prior to 7.9.6 allows a remote unauthenticated attacker to inject an arbitrary script. | ||||
| CVE-2023-39924 | 1 Simplefilelist | 1 Simple File List | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mitchell Bennis Simple File List plugin <= 6.1.9 versions. | ||||
| CVE-2023-39919 | 1 Maennchen1 | 1 Wpshopgermany - Protected Shops | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in maennchen1.De wpShopGermany – Protected Shops plugin <= 2.0 versions. | ||||
| CVE-2023-39918 | 1 Saasproject | 1 Booking Package | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in SAASPROJECT Booking Package Booking Package plugin <= 1.6.01 versions. | ||||
| CVE-2023-39808 | 1 Nvki | 1 Intelligent Broadband Subscriber Gateway | 2024-11-21 | 9.8 Critical |
| N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service. | ||||
| CVE-2023-39777 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter. | ||||
| CVE-2023-39714 | 1 Free And Open Source Inventory Management System Project | 1 Free And Open Source Inventory Management System | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Member section. | ||||
| CVE-2023-39712 | 1 Free And Open Source Inventory Management System Project | 1 Free And Open Source Inventory Management System | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Put section. | ||||
| CVE-2023-39711 | 1 Free And Open Source Inventory Management System Project | 1 Free And Open Source Inventory Management System | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Subtotal and Paidbill parameters under the Add New Put section. | ||||
| CVE-2023-39710 | 1 Free And Open Source Inventory Management System Project | 1 Free And Open Source Inventory Management System | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Customer section. | ||||