Export limit exceeded: 363690 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 47149 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (47149 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-30489 1 I13websolution 1 Email Subscription Popup 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Email Subscription Popup plugin <= 1.2.16 versions.
CVE-2023-30485 1 Solwininfotech 1 Avartan-slider-lite 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Solwin Infotech Responsive WordPress Slider – Avartan Slider Lite plugin <= 1.5.3 versions.
CVE-2023-30483 1 Kibokolabs 1 Watu Quiz 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <= 3.3.9.2 versions.
CVE-2023-30482 1 Villatheme 1 Wpbulky 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in VillaTheme WPBulky plugin <= 1.0.10 versions.
CVE-2023-30481 1 Profosbox 1 Agp Font Awesome Collection 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Alexey Golubnichenko AGP Font Awesome Collection plugin <= 3.2.4 versions.
CVE-2023-30477 1 Essitco 1 Affiliate Solution 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Essitco AFFILIATE Solution plugin <= 1.0 versions.
CVE-2023-30475 1 Couponaffiliates 1 Woocommerce Affiliate 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Elliot Sowersby, RelyWP WooCommerce Affiliate Plugin – Coupon Affiliates plugin <= 5.4.5 versions.
CVE-2023-30473 1 Icopydoc 1 Yml For Yandex Market 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maxim Glazunov YML for Yandex Market plugin <= 3.10.7 versions.
CVE-2023-30472 1 Mythemeshop 1 Url Shortener 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in MyThemeShop URL Shortener by MyThemeShop plugin <= 1.0.17 versions.
CVE-2023-30436 1 Ibm 1 Security Guardium 2024-11-21 5.5 Medium
IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252292.
CVE-2023-30435 1 Ibm 1 Security Guardium 2024-11-21 8.9 High
IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252291.
CVE-2023-30326 1 Chatengine Project 1 Chatengine 2024-11-21 6.1 Medium
Cross Site Scripting (XSS) vulnerability in username field in /WebContent/WEB-INF/lib/chatbox.jsp in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code.
CVE-2023-30322 1 Chatengine Project 1 Chatengine 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu ChatEngine v.1.0, allows attackers to execute arbitrary code.
CVE-2023-30321 1 Chatengine Project 1 Chatengine 2024-11-21 9.0 Critical
Cross Site Scripting (XSS) vulnerability in textMessage field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code.
CVE-2023-30320 1 Chatengine Project 1 Chatengine 2024-11-21 9.0 Critical
Cross Site Scripting (XSS) vulnerability in textMessage field in /src/chatbotapp/chatWindow.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code.
CVE-2023-30319 1 Chatengine Project 1 Chatengine 2024-11-21 9.6 Critical
Cross Site Scripting (XSS) vulnerability in username field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code.
CVE-2023-2973 1 Students Online Internship Timesheet System Project 1 Students Online Internship Timesheet System 2024-11-21 2.4 Low
A vulnerability, which was classified as problematic, has been found in SourceCodester Students Online Internship Timesheet Syste 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=save_company. The manipulation of the argument name with the input <script>alert(document.cookie)</script> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230204.
CVE-2023-2925 1 Webkul 1 Krayin Crm 2024-11-21 2.4 Low
A vulnerability, which was classified as problematic, was found in Webkul krayin crm 1.2.4. This affects an unknown part of the file /admin/contacts/organizations/edit/2 of the component Edit Person Page. The manipulation of the argument Organization leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-230079. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-2864 1 Online Jewelry Store Project 1 Online Jewelry Store 2024-11-21 3.5 Low
A vulnerability was found in SourceCodester Online Jewelry Store 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file customer.php of the component POST Parameter Handler. The manipulation of the argument Custid leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229820.
CVE-2023-2862 1 Sscms 1 Siteserver Cms 2024-11-21 3.5 Low
A vulnerability, which was classified as problematic, was found in SiteServer CMS up to 7.2.1. Affected is an unknown function of the file /api/stl/actions/search. The manipulation of the argument ajaxDivId leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-229818 is the identifier assigned to this vulnerability.