Export limit exceeded: 367176 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 47476 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (47476 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-0523 | 1 Gitlab | 1 Gitlab | 2025-02-10 | 5.4 Medium |
| An issue has been discovered in GitLab affecting all versions starting from 15.6 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1. An XSS was possible via a malicious email address for certain instances. | ||||
| CVE-2023-28341 | 1 Zohocorp | 1 Manageengine Applications Manager | 2025-02-10 | 6.1 Medium |
| Stored Cross site scripting (XSS) vulnerability in Zoho ManageEngine Applications Manager through 16340 allows an unauthenticated user to inject malicious javascript on the incorrect login details page. | ||||
| CVE-2023-1756 | 1 Phpmyfaq | 1 Phpmyfaq | 2025-02-10 | 4.7 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | ||||
| CVE-2023-1757 | 1 Phpmyfaq | 1 Phpmyfaq | 2025-02-10 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | ||||
| CVE-2023-1878 | 1 Phpmyfaq | 1 Phpmyfaq | 2025-02-10 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | ||||
| CVE-2023-1879 | 1 Phpmyfaq | 1 Phpmyfaq | 2025-02-10 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | ||||
| CVE-2023-1880 | 1 Phpmyfaq | 1 Phpmyfaq | 2025-02-10 | 6.1 Medium |
| Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | ||||
| CVE-2023-1881 | 1 Microweber | 1 Microweber | 2025-02-10 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3. | ||||
| CVE-2023-1882 | 1 Phpmyfaq | 1 Phpmyfaq | 2025-02-10 | 5.4 Medium |
| Cross-site Scripting (XSS) - DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | ||||
| CVE-2023-1884 | 1 Phpmyfaq | 1 Phpmyfaq | 2025-02-10 | 6.1 Medium |
| Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | ||||
| CVE-2023-1885 | 1 Phpmyfaq | 1 Phpmyfaq | 2025-02-10 | 6.3 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | ||||
| CVE-2023-1892 | 1 Contribsys | 1 Sidekiq | 2025-02-10 | 9.6 Critical |
| Cross-site Scripting (XSS) - Reflected in GitHub repository sidekiq/sidekiq prior to 7.0.8. | ||||
| CVE-2024-21990 | 1 Netapp | 1 Ontap Select Deploy Administration Utility | 2025-02-10 | 5.4 Medium |
| ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard-coded credentials that could allow an attacker to view Deploy configuration information and modify the account credentials. | ||||
| CVE-2024-3616 | 1 Oretnom23 | 1 Warehouse Management System | 2025-02-10 | 3.5 Low |
| A vulnerability classified as problematic was found in SourceCodester Warehouse Management System 1.0. This vulnerability affects unknown code of the file pengguna.php. The manipulation of the argument admin_user/admin_nama/admin_alamat/admin_telepon leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260272. | ||||
| CVE-2023-1851 | 1 Online Payroll System Project | 1 Online Payroll System | 2025-02-10 | 3.5 Low |
| A vulnerability classified as problematic has been found in SourceCodester Online Payroll System 1.0. This affects an unknown part of the file /admin/employee_add.php. The manipulation of the argument of leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224991. | ||||
| CVE-2023-1853 | 1 Online Payroll System Project | 1 Online Payroll System | 2025-02-10 | 3.5 Low |
| A vulnerability, which was classified as problematic, has been found in SourceCodester Online Payroll System 1.0. This issue affects some unknown processing of the file /admin/employee_edit.php. The manipulation of the argument of leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-224993 was assigned to this vulnerability. | ||||
| CVE-2022-47053 | 1 Dnnsoftware | 1 Dotnetnuke | 2025-02-10 | 5.4 Medium |
| An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file. | ||||
| CVE-2023-28636 | 1 Glpi-project | 1 Glpi | 2025-02-10 | 4.5 Medium |
| GLPI is a free asset and IT management software package. Starting in version 0.60 and prior to versions 9.5.13 and 10.0.7, a vulnerability allows an administrator to create a malicious external link. This issue is fixed in versions 9.5.13 and 10.0.7. | ||||
| CVE-2023-28849 | 1 Glpi-project | 1 Glpi | 2025-02-10 | 10 Critical |
| GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.7, GLPI inventory endpoint can be used to drive a SQL injection attack. It can also be used to store malicious code that could be used to perform XSS attack. By default, GLPI inventory endpoint requires no authentication. Version 10.0.7 contains a patch for this issue. As a workaround, disable native inventory. | ||||
| CVE-2023-28852 | 1 Glpi-project | 1 Glpi | 2025-02-10 | 4.8 Medium |
| GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to versions 9.5.13 and 10.0.7, a user with dashboard administration rights may hack the dashboard form to store malicious code that will be executed when other users will use the related dashboard. Versions 9.5.13 and 10.0.7 contain a patch for this issue. | ||||