Export limit exceeded: 350615 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45921 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45921 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-35098 | 1 Wordpress Nextgen Galleryview Project | 1 Wordpress Nextgen Galleryview | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in John Brien WordPress NextGen GalleryView plugin <= 0.5.5 versions. | ||||
| CVE-2023-35095 | 1 Flothemes | 1 Flo Forms | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Flothemes Flo Forms – Easy Drag & Drop Form Builder plugin <= 1.0.40 versions. | ||||
| CVE-2023-35092 | 1 Abhayrajmca | 1 Breadcrumb Simple | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Abhay Yadav Breadcrumb simple plugin <= 1.3 versions. | ||||
| CVE-2023-35090 | 1 Stylemixthemes | 1 Masterstudy Lms | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin <= 3.0.7 versions. | ||||
| CVE-2023-35048 | 1 Magepeople | 1 Booking \& Rental Manager | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MagePeople Team Booking and Rental Manager for Bike plugin <= 1.2.1 versions. | ||||
| CVE-2023-35043 | 1 Recent Posts Slider Project | 1 Recent Posts Slider | 2024-11-21 | 7.1 High |
| Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Neha Goel Recent Posts Slider plugin <= 1.1 versions. | ||||
| CVE-2023-35024 | 1 Ibm | 1 Cloud Pak For Business Automation | 2024-11-21 | 4.6 Medium |
| IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 258349. | ||||
| CVE-2023-34977 | 1 Qnap | 1 Video Station | 2024-11-21 | 4.6 Medium |
| A cross-site scripting (XSS) vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.0 ( 2023/07/27 ) and later | ||||
| CVE-2023-34941 | 1 Asus | 2 Rt-n10lx, Rt-n10lx Firmware | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the urlFilterList function of Asus RT-N10LX Router v2.0.0.39 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL Keyword List text field. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2023-34869 | 1 Phpjabbers | 1 Catering System | 2024-11-21 | 6.1 Medium |
| PHPJabbers Catering System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /index.php?controller=pjAdmin&action=pjActionForgot. | ||||
| CVE-2023-34637 | 1 Isarnet | 1 Isarflow | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in IsarNet AG IsarFlow v5.23 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the dashboard title parameter in the IsarFlow Portal. | ||||
| CVE-2023-34565 | 1 Netbox | 1 Netbox | 2024-11-21 | 5.4 Medium |
| Netbox 3.5.1 is vulnerable to Cross Site Scripting (XSS) in the "Create Wireless LAN Groups" function. | ||||
| CVE-2023-34447 | 1 Combodo | 1 Itop | 2024-11-21 | 8.8 High |
| iTop is an open source, web-based IT service management platform. Prior to versions 3.0.4 and 3.1.0, on `pages/UI.php`, cross site scripting is possible. This issue is fixed in versions 3.0.4 and 3.1.0. | ||||
| CVE-2023-34446 | 1 Combodo | 1 Itop | 2024-11-21 | 8.8 High |
| iTop is an open source, web-based IT service management platform. Prior to versions 3.0.4 and 3.1.0, when displaying `pages/preferences.php`, cross site scripting is possible. This issue is fixed in versions 3.0.4 and 3.1.0. | ||||
| CVE-2023-34439 | 1 Pleasanter | 1 Pleasanter | 2024-11-21 | 5.4 Medium |
| Pleasanter 1.3.47.0 and earlier contains a stored cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the user's web browser. | ||||
| CVE-2023-34412 | 2 Helmholz, Redlion | 34 Rex 200, Rex 200 Firmware, Rex 250 and 31 more | 2024-11-21 | 4.8 Medium |
| A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS). | ||||
| CVE-2023-34377 | 1 Joedolson | 1 My Content Management | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joseph C Dolson My Content Management plugin <= 1.7.6 versions. | ||||
| CVE-2023-34375 | 1 10web | 1 Seo | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 10Web SEO by 10Web plugin <= 1.2.9 versions. | ||||
| CVE-2023-34374 | 1 Anspress | 1 Anspress | 2024-11-21 | 5.9 Medium |
| Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Rahul Aryan AnsPress plugin <= 4.3.0 versions. | ||||
| CVE-2023-34372 | 1 Didcode | 1 Spamreferrerblock | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Didier Sampaolo SpamReferrerBlock plugin <= 2.22 versions. | ||||