Export limit exceeded: 47209 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (47209 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-37743 | 1 Phpgurukul | 1 Teacher Subject Allocation System | 2024-11-21 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in Teacher Subject Allocation System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search text box. | ||||
| CVE-2023-37742 | 1 Webboss | 1 Webboss.io Cms | 2024-11-21 | 6.1 Medium |
| WebBoss.io CMS before v3.7.0.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability. | ||||
| CVE-2023-37733 | 1 Tduckcloud | 1 Tduck-platform | 2024-11-21 | 6.1 Medium |
| An arbitrary file upload vulnerability in tduck-platform v4.0 allows attackers to execute arbitrary code via a crafted HTML file. | ||||
| CVE-2023-37692 | 1 Octobercms | 1 October | 2024-11-21 | 5.4 Medium |
| An arbitrary file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary code via a crafted file. | ||||
| CVE-2023-37690 | 1 Phpgurukul | 1 Maid Hiring Management System | 2024-11-21 | 4.8 Medium |
| Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Search Maid page. | ||||
| CVE-2023-37689 | 1 Phpgurukul | 1 Maid Hiring Management System | 2024-11-21 | 4.8 Medium |
| Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Booking Request page. | ||||
| CVE-2023-37688 | 1 Phpgurukul | 1 Maid Hiring Management System | 2024-11-21 | 4.8 Medium |
| Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Admin page. | ||||
| CVE-2023-37686 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2024-11-21 | 4.8 Medium |
| Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Add Nurse Page in the Admin portal. | ||||
| CVE-2023-37685 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2024-11-21 | 4.8 Medium |
| Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Search Report Page of the Admin portal. | ||||
| CVE-2023-37684 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2024-11-21 | 4.8 Medium |
| Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Search Report Details of the Admin portal. | ||||
| CVE-2023-37683 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2024-11-21 | 4.8 Medium |
| Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Profile Page of the Admin. | ||||
| CVE-2023-37658 | 1 Fastposter | 1 Fast-poster | 2024-11-21 | 5.4 Medium |
| fast-poster v2.15.0 is vulnerable to Cross Site Scripting (XSS). File upload check binary of img, but without strictly check file suffix at /server/fast.py -> ApiUploadHandler.post causes stored XSS | ||||
| CVE-2023-37657 | 1 Lm21 | 1 Twonav | 2024-11-21 | 5.4 Medium |
| TwoNav v2.0.28-20230624 is vulnerable to Cross Site Scripting (XSS). | ||||
| CVE-2023-37636 | 1 Webkul | 1 Uvdesk | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket. | ||||
| CVE-2023-37630 | 1 Simple Online Piggery Management System Project | 1 Simple Online Piggery Management System | 2024-11-21 | 6.1 Medium |
| Online Piggery Management System 1.0 is vulnerable to Cross Site Scripting (XSS). An unauthenticated user can POST JavaScript code to "manage-breed.php" resulting in Persistent XSS. | ||||
| CVE-2023-37625 | 1 Netbox | 1 Netbox | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in Netbox v3.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Link templates. | ||||
| CVE-2023-37623 | 1 Netdisco | 1 Netdisco | 2024-11-21 | 4.8 Medium |
| Netdisco before v2.063000 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Web/TypeAhead.pm. | ||||
| CVE-2023-37613 | 1 Assemblysoftware | 1 Trialworks | 2024-11-21 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in Assembly Software Trialworks v11.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the asset src parameter. | ||||
| CVE-2023-37611 | 1 Neos | 1 Neos Cms | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in Neos CMS 8.3.3 allows a remote authenticated attacker to execute arbitrary code via a crafted SVG file to the neos/management/media component. | ||||
| CVE-2023-37602 | 1 Alkacon | 1 Opencms | 2024-11-21 | 6.1 Medium |
| An arbitrary file upload vulnerability in the component /workplace#!explorer of Alkacon OpenCMS v15.0 allows attackers to execute arbitrary code via uploading a crafted PNG file. | ||||