Export limit exceeded: 363690 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 47149 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (47149 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-30489 | 1 I13websolution | 1 Email Subscription Popup | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Email Subscription Popup plugin <= 1.2.16 versions. | ||||
| CVE-2023-30485 | 1 Solwininfotech | 1 Avartan-slider-lite | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Solwin Infotech Responsive WordPress Slider – Avartan Slider Lite plugin <= 1.5.3 versions. | ||||
| CVE-2023-30483 | 1 Kibokolabs | 1 Watu Quiz | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <= 3.3.9.2 versions. | ||||
| CVE-2023-30482 | 1 Villatheme | 1 Wpbulky | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in VillaTheme WPBulky plugin <= 1.0.10 versions. | ||||
| CVE-2023-30481 | 1 Profosbox | 1 Agp Font Awesome Collection | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Alexey Golubnichenko AGP Font Awesome Collection plugin <= 3.2.4 versions. | ||||
| CVE-2023-30477 | 1 Essitco | 1 Affiliate Solution | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Essitco AFFILIATE Solution plugin <= 1.0 versions. | ||||
| CVE-2023-30475 | 1 Couponaffiliates | 1 Woocommerce Affiliate | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Elliot Sowersby, RelyWP WooCommerce Affiliate Plugin – Coupon Affiliates plugin <= 5.4.5 versions. | ||||
| CVE-2023-30473 | 1 Icopydoc | 1 Yml For Yandex Market | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maxim Glazunov YML for Yandex Market plugin <= 3.10.7 versions. | ||||
| CVE-2023-30472 | 1 Mythemeshop | 1 Url Shortener | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in MyThemeShop URL Shortener by MyThemeShop plugin <= 1.0.17 versions. | ||||
| CVE-2023-30436 | 1 Ibm | 1 Security Guardium | 2024-11-21 | 5.5 Medium |
| IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252292. | ||||
| CVE-2023-30435 | 1 Ibm | 1 Security Guardium | 2024-11-21 | 8.9 High |
| IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252291. | ||||
| CVE-2023-30326 | 1 Chatengine Project | 1 Chatengine | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in username field in /WebContent/WEB-INF/lib/chatbox.jsp in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code. | ||||
| CVE-2023-30322 | 1 Chatengine Project | 1 Chatengine | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu ChatEngine v.1.0, allows attackers to execute arbitrary code. | ||||
| CVE-2023-30321 | 1 Chatengine Project | 1 Chatengine | 2024-11-21 | 9.0 Critical |
| Cross Site Scripting (XSS) vulnerability in textMessage field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code. | ||||
| CVE-2023-30320 | 1 Chatengine Project | 1 Chatengine | 2024-11-21 | 9.0 Critical |
| Cross Site Scripting (XSS) vulnerability in textMessage field in /src/chatbotapp/chatWindow.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code. | ||||
| CVE-2023-30319 | 1 Chatengine Project | 1 Chatengine | 2024-11-21 | 9.6 Critical |
| Cross Site Scripting (XSS) vulnerability in username field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code. | ||||
| CVE-2023-2973 | 1 Students Online Internship Timesheet System Project | 1 Students Online Internship Timesheet System | 2024-11-21 | 2.4 Low |
| A vulnerability, which was classified as problematic, has been found in SourceCodester Students Online Internship Timesheet Syste 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=save_company. The manipulation of the argument name with the input <script>alert(document.cookie)</script> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230204. | ||||
| CVE-2023-2925 | 1 Webkul | 1 Krayin Crm | 2024-11-21 | 2.4 Low |
| A vulnerability, which was classified as problematic, was found in Webkul krayin crm 1.2.4. This affects an unknown part of the file /admin/contacts/organizations/edit/2 of the component Edit Person Page. The manipulation of the argument Organization leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-230079. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-2864 | 1 Online Jewelry Store Project | 1 Online Jewelry Store | 2024-11-21 | 3.5 Low |
| A vulnerability was found in SourceCodester Online Jewelry Store 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file customer.php of the component POST Parameter Handler. The manipulation of the argument Custid leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229820. | ||||
| CVE-2023-2862 | 1 Sscms | 1 Siteserver Cms | 2024-11-21 | 3.5 Low |
| A vulnerability, which was classified as problematic, was found in SiteServer CMS up to 7.2.1. Affected is an unknown function of the file /api/stl/actions/search. The manipulation of the argument ajaxDivId leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-229818 is the identifier assigned to this vulnerability. | ||||