Export limit exceeded: 47163 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (47163 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-33925 1 Pluginforage 1 Woocommerce Product Categories Selection Widget 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PluginForage WooCommerce Product Categories Selection Widget plugin <= 2.0 versions.
CVE-2023-33840 1 Ibm 1 Security Verify Governance 2024-11-21 4.8 Medium
IBM Security Verify Governance 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 256037.
CVE-2023-33836 1 Ibm 1 Security Verify Governance 2024-11-21 5.3 Medium
IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 256016.
CVE-2023-33800 1 Netbox 1 Netbox 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in the Create Regions (/dcim/regions/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVE-2023-33799 1 Netbox 1 Netbox 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in the Create Contacts (/tenancy/contacts/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVE-2023-33798 1 Netbox 1 Netbox 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in the Create Rack (/dcim/rack/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVE-2023-33797 1 Netbox 1 Netbox 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in the Create Sites (/dcim/sites/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVE-2023-33794 1 Netbox 1 Netbox 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in the Create Tenants (/tenancy/tenants/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVE-2023-33793 1 Netbox 1 Netbox 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in the Create Power Panels (/dcim/power-panels/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVE-2023-33792 1 Netbox 1 Netbox 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in the Create Site Groups (/dcim/site-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVE-2023-33791 1 Netbox 1 Netbox 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in the Create Provider Accounts (/circuits/provider-accounts/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVE-2023-33790 1 Netbox 1 Netbox 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in the Create Locations (/dcim/locations/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVE-2023-33789 1 Netbox 1 Netbox 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in the Create Contact Groups (/tenancy/contact-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVE-2023-33788 1 Netbox 1 Netbox 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in the Create Providers (/circuits/providers/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVE-2023-33787 1 Netbox 1 Netbox 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in the Create Tenant Groups (/tenancy/tenant-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVE-2023-33786 1 Netbox 1 Netbox 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in the Create Circuit Types (/circuits/circuit-types/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVE-2023-33744 1 Teleadapt 2 Roomcast Ta-2400, Roomcast Ta-2400 Firmware 2024-11-21 9.8 Critical
TeleAdapt RoomCast TA-2400 1.0 through 3.1 suffers from Use of a Hard-coded Password (PIN): 385521, 843646, and 592671.
CVE-2023-33580 1 Phpgurukul 1 Student Study Center Management System 2024-11-21 4.8 Medium
Phpgurukul Student Study Center Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in the "Admin Name" field on Admin Profile page.
CVE-2023-33564 1 Phpjabbers 1 Time Slots Booking Calendar 2024-11-21 6.1 Medium
There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Time Slots Booking Calendar v3.3.
CVE-2023-33560 1 Phpjabbers 1 Time Slots Booking Calendar 2024-11-21 6.1 Medium
There is a Cross Site Scripting (XSS) vulnerability in "cid" parameter of preview.php in PHPJabbers Time Slots Booking Calendar v3.3.