Export limit exceeded: 45839 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45839 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-45827 | 1 Galleryplugins | 1 Video Contest | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GalleryPlugins Video Contest plugin <= 3.2 versions. | ||||
| CVE-2022-45821 | 1 Nootheme | 1 Noo Timetable | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in NooTheme Noo Timetable plugin <= 2.1.3 versions. | ||||
| CVE-2022-45816 | 1 Dev4press | 1 Gd Bbpress Attachments | 2024-11-21 | 4.8 Medium |
| Auth. Stored Cross-Site Scripting (XSS) vulnerability in GD bbPress Attachments plugin <= 4.3.1 on WordPress. | ||||
| CVE-2022-45722 | 1 Gzwhir | 1 Ezeip | 2024-11-21 | 6.1 Medium |
| ezEIP v5.3.0(0649) was discovered to contain a cross-site scripting (XSS) vulnerability. | ||||
| CVE-2022-45448 | 1 Prestashop | 1 M4 Pdf | 2024-11-21 | 3.5 Low |
| M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to an arbitrary HTML Document crafting vulnerability. The resource /m4pdf/pdf.php uses templates to dynamically create documents. In the case that the template does not exist, the application will return a fixed document with a message in mpdf format. An attacker could exploit this vulnerability by inputting a valid HTML/CSS document as the value of the parameter. | ||||
| CVE-2022-45375 | 1 Cyberchimps | 1 Ifeature Slider | 2024-11-21 | 5.4 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in iFeature Slider plugin <= 1.2 on WordPress. | ||||
| CVE-2022-45366 | 1 Wp-slimstat | 1 Slimstat Analytics | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jason Crouse, VeronaLabs Slimstat Analytics plugin <= 5.0.4 versions. | ||||
| CVE-2022-45363 | 1 Muffingroup | 1 Betheme | 2024-11-21 | 5.4 Medium |
| Auth. (subscriber+) Stored Cross-Site Scripting (XSS) in Muffingroup Betheme theme <= 26.6.1 on WordPress. | ||||
| CVE-2022-45218 | 1 Oretnom23 | 1 Human Resource Management System | 2024-11-21 | 6.1 Medium |
| Human Resource Management System v1.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability. This vulnerability is triggered via a crafted payload injected into an authentication error message. | ||||
| CVE-2022-45176 | 1 Liveboxcloud | 1 Vdesk | 2024-11-21 | 6.1 Medium |
| An issue was discovered in LIVEBOX Collaboration vDesk through v018. Stored Cross-site Scripting (XSS) can occur under the /api/v1/getbodyfile endpoint via the uri parameter. The web application (through its vShare functionality section) doesn't properly check parameters, sent in HTTP requests as input, before saving them on the server. In addition, crafted JavaScript content can then be reflected back to the end user and executed by the web browser. | ||||
| CVE-2022-45137 | 1 Wago | 14 751-9301, 751-9301 Firmware, 752-8303\/8000-002 and 11 more | 2024-11-21 | 6.1 Medium |
| The configuration backend of the web-based management is vulnerable to reflected XSS (Cross-Site Scripting) attacks that targets the users browser. This leads to a limited impact of confidentiality and integrity but no impact of availability. | ||||
| CVE-2022-45082 | 1 Oxilab | 1 Accordions | 2024-11-21 | 3.4 Low |
| Multiple Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerabilities in Accordions plugin <= 2.0.3 on WordPress via &addons-style-name and &accordions_or_faqs_license_key. | ||||
| CVE-2022-44741 | 1 Slidervilla | 1 Testimonial Slider | 2024-11-21 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS) in David Anderson Testimonial Slider plugin <= 1.3.1 on WordPress. | ||||
| CVE-2022-44736 | 1 Chameleon Project | 1 Chameleon | 2024-11-21 | 4.8 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Chameleon plugin <= 1.4.3 on WordPress. | ||||
| CVE-2022-44612 | 1 Intel | 1 Unison | 2024-11-21 | 5.5 Medium |
| Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow an authenticated user user to potentially enable information disclosure via local access. | ||||
| CVE-2022-44591 | 1 Anthologize Project | 1 Anthologize | 2024-11-21 | 4.8 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Anthologize plugin <= 0.8.0 on WordPress. | ||||
| CVE-2022-44390 | 1 Eyoucms | 1 Eyoucms | 2024-11-21 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in EyouCMS V1.5.9-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Public Security Record Number text field. | ||||
| CVE-2022-43955 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 8 High |
| An improper neutralization of input during web page generation [CWE-79] in the FortiWeb web interface 7.0.0 through 7.0.3, 6.3.0 through 6.3.21, 6.4 all versions, 6.2 all versions, 6.1 all versions and 6.0 all versions may allow an unauthenticated and remote attacker to perform a reflected cross site scripting attack (XSS) via injecting malicious payload in log entries used to build report. | ||||
| CVE-2022-43952 | 1 Fortinet | 1 Fortiadc | 2024-11-21 | 3.3 Low |
| An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiADC version 7.1.1 and below, version 7.0.3 and below, version 6.2.5 and below may allow an authenticated attacker to perform a cross-site scripting attack via crafted HTTP requests. | ||||
| CVE-2022-43909 | 1 Ibm | 1 Security Guardium | 2024-11-21 | 4.6 Medium |
| IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 240905. | ||||