Export limit exceeded: 362833 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 362833 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 362833 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 362833 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 47054 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (47054 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-46150 | 1 Mediawiki | 1 Mediawiki | 2024-11-21 | 4.8 Medium |
| An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. Special:CheckUserLog allows CheckUser XSS because of date mishandling, as demonstrated by an XSS payload in MediaWiki:October. | ||||
| CVE-2021-46146 | 1 Mediawiki | 1 Mediawiki | 2024-11-21 | 5.4 Medium |
| An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. The WikibaseMediaInfo component is vulnerable to XSS via the caption fields for a given media file. | ||||
| CVE-2021-46144 | 2 Debian, Roundcube | 2 Debian Linux, Roundcube | 2024-11-21 | 6.1 Medium |
| Roundcube before 1.4.13 and 1.5.x before 1.5.2 allows XSS via an HTML e-mail message with crafted Cascading Style Sheets (CSS) token sequences. | ||||
| CVE-2021-46109 | 1 Asus | 1 Rt-ac52u B1 Firmware | 2024-11-21 | 6.1 Medium |
| Invalid input sanitizing leads to reflected Cross Site Scripting (XSS) in ASUS RT-AC52U_B1 3.0.0.4.380.10931 can lead to a user session hijack. | ||||
| CVE-2021-46108 | 1 Dlink | 2 Dsl-2730e, Dsl-2730e Firmware | 2024-11-21 | 5.4 Medium |
| D-Link DSL-2730E CT-20131125 devices allow XSS via the username parameter to the password page in the maintenance configuration. | ||||
| CVE-2021-46087 | 1 Jflyfox | 1 Jfinal Cms | 2024-11-21 | 5.4 Medium |
| In jfinal_cms >= 5.1 0, there is a storage XSS vulnerability in the background system of CMS. Because developers do not filter the parameters submitted by the user input form, any user with background permission can affect the system security by entering malicious code. | ||||
| CVE-2021-46084 | 1 Uscat Project | 1 Uscat | 2024-11-21 | 5.4 Medium |
| uscat, as of 2021-12-28, is vulnerable to Cross Site Scripting (XSS) via "close registration information" input box. | ||||
| CVE-2021-46083 | 1 Uscat Project | 1 Uscat | 2024-11-21 | 5.4 Medium |
| uscat, as of 2021-12-28, is vulnerable to Cross Site Scripting (XSS) via the input box of the statistical code. | ||||
| CVE-2021-46080 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2024-11-21 | 4.8 Medium |
| A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability. | ||||
| CVE-2021-46074 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2024-11-21 | 4.8 Medium |
| A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel. | ||||
| CVE-2021-46073 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2024-11-21 | 4.8 Medium |
| A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel. | ||||
| CVE-2021-46072 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2024-11-21 | 4.8 Medium |
| A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel. | ||||
| CVE-2021-46071 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2024-11-21 | 4.8 Medium |
| A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel. | ||||
| CVE-2021-46070 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2024-11-21 | 4.8 Medium |
| A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel. | ||||
| CVE-2021-46069 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2024-11-21 | 4.8 Medium |
| A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel. | ||||
| CVE-2021-46068 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2024-11-21 | 4.8 Medium |
| A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel. | ||||
| CVE-2021-46065 | 1 Zohocorp | 1 Manageengine Servicedesk Plus | 2024-11-21 | 4.8 Medium |
| A Cross-site scripting (XSS) vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code. | ||||
| CVE-2021-46034 | 1 Forestblog Project | 1 Forestblog | 2024-11-21 | 6.1 Medium |
| A problem was found in ForestBlog, as of 2021-12-29, there is a XSS vulnerability that can be injected through the nickname input box. | ||||
| CVE-2021-46030 | 1 Javaquarkbbs Project | 1 Javaquarkbbs | 2024-11-21 | 5.4 Medium |
| There is a Cross Site Scripting attack (XSS) vulnerability in JavaQuarkBBS <= v2. By entering specific statements into the background tag management module, the attack statement will be stored in the database, and the next victim will be attacked when he accesses the tag module. | ||||
| CVE-2021-46025 | 1 Oneblog Project | 1 Oneblog | 2024-11-21 | 5.4 Medium |
| A Cross SIte Scripting (XSS) vulnerability exists in OneBlog <= 2.2.8. via the add function in the operation tab list in the background. | ||||