Export limit exceeded: 47209 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (47209 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-37743 1 Phpgurukul 1 Teacher Subject Allocation System 2024-11-21 6.1 Medium
A cross-site scripting (XSS) vulnerability in Teacher Subject Allocation System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search text box.
CVE-2023-37742 1 Webboss 1 Webboss.io Cms 2024-11-21 6.1 Medium
WebBoss.io CMS before v3.7.0.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability.
CVE-2023-37733 1 Tduckcloud 1 Tduck-platform 2024-11-21 6.1 Medium
An arbitrary file upload vulnerability in tduck-platform v4.0 allows attackers to execute arbitrary code via a crafted HTML file.
CVE-2023-37692 1 Octobercms 1 October 2024-11-21 5.4 Medium
An arbitrary file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary code via a crafted file.
CVE-2023-37690 1 Phpgurukul 1 Maid Hiring Management System 2024-11-21 4.8 Medium
Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Search Maid page.
CVE-2023-37689 1 Phpgurukul 1 Maid Hiring Management System 2024-11-21 4.8 Medium
Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Booking Request page.
CVE-2023-37688 1 Phpgurukul 1 Maid Hiring Management System 2024-11-21 4.8 Medium
Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Admin page.
CVE-2023-37686 1 Phpgurukul 1 Online Nurse Hiring System 2024-11-21 4.8 Medium
Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Add Nurse Page in the Admin portal.
CVE-2023-37685 1 Phpgurukul 1 Online Nurse Hiring System 2024-11-21 4.8 Medium
Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Search Report Page of the Admin portal.
CVE-2023-37684 1 Phpgurukul 1 Online Nurse Hiring System 2024-11-21 4.8 Medium
Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Search Report Details of the Admin portal.
CVE-2023-37683 1 Phpgurukul 1 Online Nurse Hiring System 2024-11-21 4.8 Medium
Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Profile Page of the Admin.
CVE-2023-37658 1 Fastposter 1 Fast-poster 2024-11-21 5.4 Medium
fast-poster v2.15.0 is vulnerable to Cross Site Scripting (XSS). File upload check binary of img, but without strictly check file suffix at /server/fast.py -> ApiUploadHandler.post causes stored XSS
CVE-2023-37657 1 Lm21 1 Twonav 2024-11-21 5.4 Medium
TwoNav v2.0.28-20230624 is vulnerable to Cross Site Scripting (XSS).
CVE-2023-37636 1 Webkul 1 Uvdesk 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket.
CVE-2023-37630 1 Simple Online Piggery Management System Project 1 Simple Online Piggery Management System 2024-11-21 6.1 Medium
Online Piggery Management System 1.0 is vulnerable to Cross Site Scripting (XSS). An unauthenticated user can POST JavaScript code to "manage-breed.php" resulting in Persistent XSS.
CVE-2023-37625 1 Netbox 1 Netbox 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in Netbox v3.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Link templates.
CVE-2023-37623 1 Netdisco 1 Netdisco 2024-11-21 4.8 Medium
Netdisco before v2.063000 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Web/TypeAhead.pm.
CVE-2023-37613 1 Assemblysoftware 1 Trialworks 2024-11-21 6.1 Medium
A cross-site scripting (XSS) vulnerability in Assembly Software Trialworks v11.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the asset src parameter.
CVE-2023-37611 1 Neos 1 Neos Cms 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) vulnerability in Neos CMS 8.3.3 allows a remote authenticated attacker to execute arbitrary code via a crafted SVG file to the neos/management/media component.
CVE-2023-37602 1 Alkacon 1 Opencms 2024-11-21 6.1 Medium
An arbitrary file upload vulnerability in the component /workplace#!explorer of Alkacon OpenCMS v15.0 allows attackers to execute arbitrary code via uploading a crafted PNG file.