Export limit exceeded: 47413 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (47413 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-47680 | 1 Qodeinteractive | 1 Qi Addons For Elementor | 2025-01-08 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Qode Interactive Qi Addons For Elementor plugin <= 1.6.3 versions. | ||||
| CVE-2023-47673 | 1 Thecrowned | 1 Post Pay Counter | 2025-01-08 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Stefano Ottolenghi Post Pay Counter plugin <= 2.784 versions. | ||||
| CVE-2023-47665 | 1 Plainviewplugins | 1 Plainview Protect Passwords | 2025-01-08 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in edward_plainview Plainview Protect Passwords plugin <= 1.4 versions. | ||||
| CVE-2023-47662 | 1 Goldbroker | 1 Live Gold Price \& Silver Price Charts Widgets | 2025-01-08 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GoldBroker.Com Live Gold Price & Silver Price Charts Widgets plugin <= 2.4 versions. | ||||
| CVE-2023-47710 | 1 Ibm | 1 Security Guardium | 2025-01-08 | 5.4 Medium |
| IBM Security Guardium 11.4, 11.5, and 12.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 271525. | ||||
| CVE-2023-34408 | 1 Dokuwiki | 1 Dokuwiki | 2025-01-08 | 5.4 Medium |
| DokuWiki before 2023-04-04a allows XSS via RSS titles. | ||||
| CVE-2023-33763 | 1 Simpleredak | 1 Simpleredak | 2025-01-08 | 6.1 Medium |
| eMedia Consulting simpleRedak up to v2.47.23.05 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /scheduler/index.php. | ||||
| CVE-2023-33761 | 1 Simpleredak | 1 Simpleredak | 2025-01-08 | 6.1 Medium |
| eMedia Consulting simpleRedak up to v2.47.23.05 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /view/cb/format_642.php. | ||||
| CVE-2023-33731 | 1 Escanav | 1 Escan Management Console | 2025-01-08 | 6.1 Medium |
| Reflected Cross Site Scripting (XSS) in the view dashboard detail feature in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the URL directly. | ||||
| CVE-2023-33408 | 1 Minical | 1 Minical | 2025-01-08 | 5.4 Medium |
| Minical 1.0.0 is vulnerable to Cross Site Scripting (XSS). The vulnerability exists due to insufficient input validation in the application's user input handling in the security_helper.php file. | ||||
| CVE-2023-28705 | 1 Openfind | 1 Mail2000 | 2025-01-08 | 5.4 Medium |
| Openfind Mail2000 has insufficient filtering special characters of email content of its content filtering function. A remote attacker can exploit this vulnerability using phishing emails that contain malicious web pages injected with JavaScript. When users access the system and open the email, it triggers an XSS (Reflected Cross-site scripting) attack. | ||||
| CVE-2023-3086 | 1 Teampass | 1 Teampass | 2025-01-08 | 9.0 Critical |
| Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. | ||||
| CVE-2023-3067 | 1 Trilium Project | 1 Trilium | 2025-01-08 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository zadam/trilium prior to 0.59.4. | ||||
| CVE-2023-3070 | 1 Corebos | 1 Corebos | 2025-01-08 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8. | ||||
| CVE-2023-3071 | 1 Tsolucio | 1 Corebos | 2025-01-08 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8. | ||||
| CVE-2023-3073 | 1 Corebos | 1 Corebos | 2025-01-08 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8 via evvtgendoc. | ||||
| CVE-2023-3074 | 1 Corebos | 1 Corebos | 2025-01-08 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8. | ||||
| CVE-2022-46088 | 1 Oretnom23 | 1 Online Flight Booking Management System | 2025-01-08 | 6.1 Medium |
| Online Flight Booking Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the feedback form. | ||||
| CVE-2024-41953 | 1 Zitadel | 1 Zitadel | 2025-01-08 | 4.3 Medium |
| Zitadel is an open source identity management system. ZITADEL uses HTML for emails and renders certain information such as usernames dynamically. That information can be entered by users or administrators. Due to a missing output sanitization, these emails could include malicious code. This may potentially lead to a threat where an attacker, without privileges, could send out altered notifications that are part of the registration processes. An attacker could create a malicious link, where the injected code would be rendered as part of the email. On the user's detail page, the username was also not sanitized and would also render HTML, giving an attacker the same vulnerability. While it was possible to inject HTML including javascript, the execution of such scripts would be prevented by most email clients and the Content Security Policy in Console UI. This vulnerability is fixed in 2.58.1, 2.57.1, 2.56.2, 2.55.5, 2.54.8 2.53.9, and 2.52.3. | ||||
| CVE-2024-29891 | 1 Zitadel | 1 Zitadel | 2025-01-08 | 8.7 High |
| ZITADEL users can upload their own avatar image and various image types are allowed. Due to a missing check, an attacker could upload HTML and pretend it is an image to gain access to the victim's account in certain scenarios. A possible victim would need to directly open the supposed image in the browser, where a session in ZITADEL needs to be active for this exploit to work. The exploit could only be reproduced if the victim was using Firefox. Chrome, Safari as well as Edge did not execute the code. This vulnerability is fixed in 2.48.3, 2.47.8, 2.46.5, 2.45.5, 2.44.7, 2.43.11, and 2.42.17. | ||||