Export limit exceeded: 45909 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45909 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-2044 | 1 Assaabloy | 1 Control Id Idsecure | 2024-11-21 | 3.5 Low |
| A vulnerability has been found in Control iD iDSecure 4.7.29.1 and classified as problematic. This vulnerability affects unknown code of the component Dispositivos Page. The manipulation of the argument IP-DNS leads to cross site scripting. The attack can be initiated remotely. VDB-225922 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-29998 | 1 Gis3w | 1 G3w-suite | 2024-11-21 | 5.4 Medium |
| A Cross-site scripting (XSS) vulnerability in the content editor in Gis3W g3w-suite 3.5 allows remote authenticated users to inject arbitrary web script or HTML and gain privileges via the description parameter. | ||||
| CVE-2023-29489 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.3 Medium |
| An issue was discovered in cPanel before 11.109.9999.116. XSS can occur on the cpsrvd error page via an invalid webcall ID, aka SEC-669. The fixed versions are 11.109.9999.116, 11.108.0.13, 11.106.0.18, and 11.102.0.31. | ||||
| CVE-2023-29452 | 1 Zabbix | 1 Zabbix | 2024-11-21 | 5.5 Medium |
| Currently, geomap configuration (Administration -> General -> Geographical maps) allows using HTML in the field “Attribution text” when selected “Other” Tile provider. | ||||
| CVE-2023-29441 | 1 Deepsoft | 1 Weblibrarian | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Robert Heller WebLibrarian plugin <= 3.5.8.1 versions. | ||||
| CVE-2023-29438 | 1 Simplemodal Contact Form Project | 1 Simplemodal Contact Form | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eric Martin SimpleModal Contact Form (SMCF) plugin <= 1.2.9 versions. | ||||
| CVE-2023-29437 | 1 Connections-pro | 1 Connections Business Directory | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Steven A. Zahm Connections Business Directory plugin <= 10.4.36 versions. | ||||
| CVE-2023-29436 | 1 Iframe Shortcode Project | 1 Iframe Shortcode | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Flyn San IFrame Shortcode plugin <= 1.0.5 versions. | ||||
| CVE-2023-29435 | 1 Zwaply | 1 Cryptocurrency All-in-one | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Zwaply Cryptocurrency All-in-One plugin <= 3.0.19 versions. | ||||
| CVE-2023-29434 | 1 Fancythemes | 1 Optin Forms | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in FancyThemes Optin Forms – Simple List Building Plugin for WordPress plugin <= 1.3.1 versions. | ||||
| CVE-2023-29430 | 1 Cththemes | 1 Theroof | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CTHthemes TheRoof theme <= 1.0.3 versions. | ||||
| CVE-2023-29427 | 1 Tms-outsource | 1 Amelia | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in TMS Booking for Appointments and Events Calendar – Amelia plugin <= 1.0.75 versions. | ||||
| CVE-2023-29424 | 1 Plainware | 1 Shiftcontroller | 2024-11-21 | 7.1 High |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Plainware ShiftController Employee Shift Scheduling plugin <= 4.9.23 versions. | ||||
| CVE-2023-29423 | 1 Piwebsolution | 1 Cancel Order Request \/ Return Order \/ Repeat Order \/ Reorder For Woocommerce | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Cancel order request / Return order / Repeat Order / Reorder for WooCommerce plugin <= 1.3.2 versions. | ||||
| CVE-2023-29387 | 1 Juliencrego | 1 Manager For Icomoon | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Julien Crego Manager for Icomoon plugin <= 2.0 versions. | ||||
| CVE-2023-29247 | 1 Apache | 1 Airflow | 2024-11-21 | 5.4 Medium |
| Task instance details page in the UI is vulnerable to a stored XSS.This issue affects Apache Airflow: before 2.6.0. | ||||
| CVE-2023-29171 | 1 Magic-post-thumbnail | 1 Magic Post Thumbnail | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-site Scripting (XSS) vulnerability in Magic Post Thumbnail plugin <= 4.1.10 versions. | ||||
| CVE-2023-29100 | 1 Dream-theme | 1 The7 | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dream-Theme The7 plugin <= 11.6.0 versions. | ||||
| CVE-2023-29098 | 1 Artistscope | 1 Copysafe Web Protection | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ArtistScope CopySafe Web Protection plugin <= 3.13 versions. | ||||
| CVE-2023-29097 | 1 A3rev | 1 A3 Portfolio | 2024-11-21 | 5.9 Medium |
| Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in a3rev Software a3 Portfolio plugin <= 3.1.0 versions. | ||||