Export limit exceeded: 350235 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45899 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45899 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-24675 | 1 Bludit | 1 Bludit | 2024-11-21 | 4.8 Medium |
| Cross Site Scripting Vulnerability in BluditCMS v.3.14.1 allows attackers to execute arbitrary code via the Categories Friendly URL. | ||||
| CVE-2023-24516 | 1 Pandorafms | 1 Pandora Fms | 2024-11-21 | 5.9 Medium |
| Cross-site Scripting (XSS) vulnerability in the Pandora FMS Special Days component allows an attacker to use it to steal the session cookie value of admin users easily with little user interaction. This issue affects Pandora FMS v767 version and prior versions on all platforms. | ||||
| CVE-2023-24514 | 1 Pandorafms | 1 Pandora Fms | 2024-11-21 | 6.3 Medium |
| Cross-site Scripting (XSS) vulnerability in Visual Console Module of Pandora FMS could be used to hijack admin users session cookie values, carry out phishing attacks, etc. This issue affects Pandora FMS v767 version and prior versions on all platforms. | ||||
| CVE-2023-24488 | 1 Citrix | 2 Application Delivery Controller, Gateway | 2024-11-21 | 6.1 Medium |
| Cross site scripting vulnerability in Citrix ADC and Citrix Gateway in allows and attacker to perform cross site scripting | ||||
| CVE-2023-24420 | 1 Zestard | 1 Admin Side Data Storage For Contact Form 7 | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Zestard Technologies Admin side data storage for Contact Form 7 plugin <= 1.1.1 versions. | ||||
| CVE-2023-24413 | 1 I13websolution | 1 Wordpress Vertical Image Slider | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution WordPress vertical image slider plugin <= 1.2.16 versions. | ||||
| CVE-2023-24412 | 1 Web-settler | 1 Image Social Feed | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Web-Settler Image Social Feed plugin <= 1.7.6 versions. | ||||
| CVE-2023-24401 | 1 Davidsword | 1 Mobile Call Now \& Map Buttons | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Davidsword Mobile Call Now & Map Buttons plugin <= 1.5.0 versions. | ||||
| CVE-2023-24397 | 1 Reservation | 1 Reservation.studio | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Reservation.Studio Reservation.Studio widget plugin <= 1.0.11 versions. | ||||
| CVE-2023-24396 | 1 Vikwp | 1 Vikbooking Hotel Booking Engine \& Pms | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin <= 1.5.11 versions. | ||||
| CVE-2023-24394 | 1 Iframe Project | 1 Iframe | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy iframe popup plugin <= 3.3 versions. | ||||
| CVE-2023-24393 | 1 Wpmart | 1 Animated Number Counters | 2024-11-21 | 6.5 Medium |
| Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Sk. Abul Hasan Animated Number Counters plugin <= 1.6 versions. | ||||
| CVE-2023-24391 | 1 Spiderteams | 1 Applyonline - Application Form Builder And Manager | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Spider Teams ApplyOnline plugin <= 2.5 versions. | ||||
| CVE-2023-24390 | 1 Wesecur | 1 Wesecur | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WeSecur Security plugin <= 1.2.1 versions. | ||||
| CVE-2023-24389 | 1 Brandid | 1 Social Proof \(testimonial\) Slider | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in brandiD Social Proof (Testimonial) Slider plugin <= 2.2.3 versions. | ||||
| CVE-2023-24385 | 1 Davidlingren | 1 Media Library Assistant | 2024-11-21 | 5.9 Medium |
| Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in David Lingren Media Library Assistant plugin <= 3.11 versions. | ||||
| CVE-2023-24381 | 1 Nsthemes | 1 Advanced Social Pixel | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NsThemes Advanced Social Pixel plugin <= 2.1.1 versions. | ||||
| CVE-2023-24070 | 1 Misp-project | 1 Malware Information Sharing Platform | 2024-11-21 | 6.1 Medium |
| app/View/AuthKeys/authkey_display.ctp in MISP through 2.4.167 has an XSS in authkey add via a Referer field. | ||||
| CVE-2023-24050 | 1 Connectize | 2 Ac21000 G6, Ac21000 G6 Firmware | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary code via crafted string when setting the Wi-Fi password in the admin panel. | ||||
| CVE-2023-23998 | 1 E4jconnect | 1 Vikrentcar | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in E4J s.R.L. VikRentCar Car Rental Management System plugin <= 1.3.0 versions. | ||||