Export limit exceeded: 363781 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (47163 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-33925 | 1 Pluginforage | 1 Woocommerce Product Categories Selection Widget | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PluginForage WooCommerce Product Categories Selection Widget plugin <= 2.0 versions. | ||||
| CVE-2023-33840 | 1 Ibm | 1 Security Verify Governance | 2024-11-21 | 4.8 Medium |
| IBM Security Verify Governance 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 256037. | ||||
| CVE-2023-33836 | 1 Ibm | 1 Security Verify Governance | 2024-11-21 | 5.3 Medium |
| IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 256016. | ||||
| CVE-2023-33800 | 1 Netbox | 1 Netbox | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Create Regions (/dcim/regions/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | ||||
| CVE-2023-33799 | 1 Netbox | 1 Netbox | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Create Contacts (/tenancy/contacts/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | ||||
| CVE-2023-33798 | 1 Netbox | 1 Netbox | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Create Rack (/dcim/rack/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | ||||
| CVE-2023-33797 | 1 Netbox | 1 Netbox | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Create Sites (/dcim/sites/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | ||||
| CVE-2023-33794 | 1 Netbox | 1 Netbox | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Create Tenants (/tenancy/tenants/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | ||||
| CVE-2023-33793 | 1 Netbox | 1 Netbox | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Create Power Panels (/dcim/power-panels/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | ||||
| CVE-2023-33792 | 1 Netbox | 1 Netbox | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Create Site Groups (/dcim/site-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | ||||
| CVE-2023-33791 | 1 Netbox | 1 Netbox | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Create Provider Accounts (/circuits/provider-accounts/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | ||||
| CVE-2023-33790 | 1 Netbox | 1 Netbox | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Create Locations (/dcim/locations/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | ||||
| CVE-2023-33789 | 1 Netbox | 1 Netbox | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Create Contact Groups (/tenancy/contact-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | ||||
| CVE-2023-33788 | 1 Netbox | 1 Netbox | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Create Providers (/circuits/providers/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | ||||
| CVE-2023-33787 | 1 Netbox | 1 Netbox | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Create Tenant Groups (/tenancy/tenant-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | ||||
| CVE-2023-33786 | 1 Netbox | 1 Netbox | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Create Circuit Types (/circuits/circuit-types/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | ||||
| CVE-2023-33744 | 1 Teleadapt | 2 Roomcast Ta-2400, Roomcast Ta-2400 Firmware | 2024-11-21 | 9.8 Critical |
| TeleAdapt RoomCast TA-2400 1.0 through 3.1 suffers from Use of a Hard-coded Password (PIN): 385521, 843646, and 592671. | ||||
| CVE-2023-33580 | 1 Phpgurukul | 1 Student Study Center Management System | 2024-11-21 | 4.8 Medium |
| Phpgurukul Student Study Center Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in the "Admin Name" field on Admin Profile page. | ||||
| CVE-2023-33564 | 1 Phpjabbers | 1 Time Slots Booking Calendar | 2024-11-21 | 6.1 Medium |
| There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Time Slots Booking Calendar v3.3. | ||||
| CVE-2023-33560 | 1 Phpjabbers | 1 Time Slots Booking Calendar | 2024-11-21 | 6.1 Medium |
| There is a Cross Site Scripting (XSS) vulnerability in "cid" parameter of preview.php in PHPJabbers Time Slots Booking Calendar v3.3. | ||||