Export limit exceeded: 45791 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45791 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-27913 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 6.1 Medium |
| An issue was discovered in Joomla! 4.2.0 through 4.2.3. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in various components. | ||||
| CVE-2022-27887 | 1 Maccms | 1 Maccms | 2024-11-21 | 6.1 Medium |
| Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/vod/data.html via the repeat parameter. | ||||
| CVE-2022-27886 | 1 Maccms | 1 Maccms | 2024-11-21 | 6.1 Medium |
| Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/ulog/index.html via the wd parameter. | ||||
| CVE-2022-27885 | 1 Maccms | 1 Maccms | 2024-11-21 | 6.1 Medium |
| Maccms v10 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities in /admin.php/admin/website/data.html via the select and input parameters. | ||||
| CVE-2022-27884 | 1 Maccms | 1 Maccms | 2024-11-21 | 6.1 Medium |
| Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/plog/index.html via the wd parameter. | ||||
| CVE-2022-27880 | 1 F5 | 1 Traffix Signaling Delivery Controller | 2024-11-21 | 4.8 Medium |
| On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | ||||
| CVE-2022-27852 | 1 Wpchill | 1 Kb Support | 2024-11-21 | 6.1 Medium |
| Multiple Unauthenticated Stored Cross-Site Scripting (XSS) vulnerabilities in KB Support (WordPress plugin) <= 1.5.5 versions. | ||||
| CVE-2022-27777 | 3 Debian, Redhat, Rubyonrails | 3 Debian Linux, Satellite, Actionpack | 2024-11-21 | 6.1 Medium |
| A XSS Vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes. | ||||
| CVE-2022-27656 | 1 Sap | 3 Netweaver As Abap Kernel, Netweaver As Abap Krnl64uc, Webdispatcher | 2024-11-21 | 6.1 Medium |
| The Web administration UI of SAP Web Dispatcher and the Internet Communication Manager (ICM) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | ||||
| CVE-2022-27637 | 1 Pukiwiki | 1 Pukiwiki | 2024-11-21 | 6.1 Medium |
| Reflected cross-site scripting vulnerability in PukiWiki versions 1.5.1 to 1.5.3 allows a remote attacker to inject an arbitrary script via unspecified vectors. | ||||
| CVE-2022-27627 | 1 Cybozu | 1 Garoon | 2024-11-21 | 6.1 Medium |
| Cross-site scripting vulnerability in Organization's Information of Cybozu Garoon 4.10.2 to 5.5.1 allows a remote attacker to execute an arbitrary script on the logged-in user's web browser. | ||||
| CVE-2022-27561 | 1 Hcltech | 1 Traveler | 2024-11-21 | 7.5 High |
| There is a reflected Cross-Site Scripting vulnerability in the HCL Traveler web admin (LotusTraveler.nsf). | ||||
| CVE-2022-27546 | 1 Hcltech | 2 Domino, Hcl Inotes | 2024-11-21 | 8.3 High |
| HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability caused by improper validation of user-supplied input supplied with a form POST request. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's web browser within the security context of the hosting web site and/or steal the victim's cookie-based authentication credentials. | ||||
| CVE-2022-27545 | 1 Hcltech | 1 Bigfix Platform | 2024-11-21 | 4.6 Medium |
| BigFix Web Reports authorized users may perform HTML injection for the email administrative configuration page. | ||||
| CVE-2022-27506 | 1 Citrix | 26 Sd-wan 1000, Sd-wan 1000 Firmware, Sd-wan 110 and 23 more | 2024-11-21 | 2.7 Low |
| Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI | ||||
| CVE-2022-27505 | 1 Citrix | 24 Sd-wan 1000, Sd-wan 1000 Firmware, Sd-wan 110 and 21 more | 2024-11-21 | 6.1 Medium |
| Reflected cross site scripting (XSS) | ||||
| CVE-2022-27503 | 1 Citrix | 1 Storefront Server | 2024-11-21 | 6.1 Medium |
| Cross-site Scripting (XSS) vulnerability in Citrix StoreFront affects version 1912 before CU5 and version 3.12 before CU9 | ||||
| CVE-2022-27496 | 1 Zero-channel Plus Project | 1 Zero-channel Plus | 2024-11-21 | 6.1 Medium |
| Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors. | ||||
| CVE-2022-27476 | 1 Newbee-mall Project | 1 Newbee-mall | 2024-11-21 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability at /admin/goods/update in Newbee-Mall v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the goodsName parameter. | ||||
| CVE-2022-27475 | 1 Hotel Management System Project | 1 Hotel Management System | 2024-11-21 | 6.1 Medium |
| Cross site scripting (XSS) vulnerability in tramyardg hotel-mgmt-system, allows attackers to execute arbitrary code when when /admin.php is loaded. | ||||