Export limit exceeded: 45928 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45928 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-37221 | 1 7-twenty | 1 Bot | 2024-11-21 | 8.8 High |
| 7Twenty BOT - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). | ||||
| CVE-2023-37215 | 1 Jbl | 2 Jbl Bar 5.1 Surround, Jbl Bar 5.1 Surround Firmware | 2024-11-21 | 6.2 Medium |
| JBL soundbar multibeam 5.1 - CWE-798: Use of Hard-coded Credentials | ||||
| CVE-2023-37191 | 1 Issabel | 1 Pbx | 2024-11-21 | 4.8 Medium |
| A stored cross-site scripting (XSS) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Group and Description parameters. | ||||
| CVE-2023-37190 | 1 Issabel | 1 Pbx | 2024-11-21 | 4.8 Medium |
| A stored cross-site scripting (XSS) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Virtual Fax Name and Caller ID Name parameters under the New Virtual Fax feature. | ||||
| CVE-2023-37189 | 1 Issabel | 1 Pbx | 2024-11-21 | 4.8 Medium |
| A stored cross site scripting (XSS) vulnerability in index.php?menu=billing_rates of Issabel PBX version 4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Name or Prefix fields under the Create New Rate module. | ||||
| CVE-2023-37164 | 1 Diafan | 1 Diafan.cms | 2024-11-21 | 6.1 Medium |
| Diafan CMS v6.0 was discovered to contain a reflected cross-site scripting via the cat_id parameter at /shop/?module=shop&action=search. | ||||
| CVE-2023-37153 | 1 Kodcloud | 1 Kodexplorer | 2024-11-21 | 6.1 Medium |
| KodExplorer 4.51 contains a Cross-Site Scripting (XSS) vulnerability in the Description box of the Light App creation feature. An attacker can exploit this vulnerability by injecting XSS syntax into the Description field. | ||||
| CVE-2023-37150 | 1 Online Pizza Ordering System Project | 1 Online Pizza Ordering System | 2024-11-21 | 6.1 Medium |
| Sourcecodester Online Pizza Ordering System v1.0 has a Cross-site scripting (XSS) vulnerability in "/admin/index.php?page=categories" Category item. | ||||
| CVE-2023-37136 | 1 Eyoucms | 1 Eyoucms | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Basic Website Information module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2023-37135 | 1 Eyoucms | 1 Eyoucms | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Image Upload module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2023-37134 | 1 Eyoucms | 1 Eyoucms | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Basic Information module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2023-37133 | 1 Eyoucms | 1 Eyoucms | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Column management module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2023-37132 | 1 Eyoucms | 1 Eyoucms | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the custom variables module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2023-37125 | 1 Seacms | 1 Seacms | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Management Custom label module of SEACMS v12.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2023-37124 | 1 Seacms | 1 Seacms | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Site Setup module of SEACMS v12.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2023-37122 | 1 Bagesoft | 1 Bagecms | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module. | ||||
| CVE-2023-37070 | 1 Code-projects | 1 Hospital Information System | 2024-11-21 | 4.8 Medium |
| Code Projects Hospital Information System 1.0 is vulnerable to Cross Site Scripting (XSS) | ||||
| CVE-2023-37067 | 1 Chamilo | 1 Chamilo | 2024-11-21 | 4.8 Medium |
| Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the classes/usergroups management section. | ||||
| CVE-2023-37066 | 1 Chamilo | 1 Chamilo | 2024-11-21 | 4.8 Medium |
| Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the skills wheel. | ||||
| CVE-2023-37065 | 1 Chamilo | 1 Chamilo | 2024-11-21 | 4.8 Medium |
| Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the session category management section. | ||||