CWE:
 

Topic
Date
Author
Low
ERPNext 12.18.0 / 13.0.0 Cross Site Scripting
11.05.2021
Stefan Pietsch
Low
PHP Timeclock 1.04 Cross Site Scripting
10.05.2021
Tyler Butler
High
Xmind 2020 Cross Site Scripting / Code Execution
09.05.2021
Taurus Omar
Low
Markright 1.0 XSS to RCE
09.05.2021
TaurusOmar
Med.
Anote 1.0 Cross Site Scripting / Code Execution
08.05.2021
Taurus Omar
Low
StudyMD 0.3.2 XSS to RCE
07.05.2021
TaurusOmar
Low
Moeditor 0.2.0 Cross Site Scripting / Code Execution
06.05.2021
Taurus Omar
Low
Markright 1.0 Cross Site Scripting / Code Execution
06.05.2021
Taurus Omar
Low
Schlix CMS 2.2.6-6 Cross Site Scripting
06.05.2021
Emircan Bas
Med.
Anote 1.0 XSS to RCE
05.05.2021
TaurusOmar
Low
Adtran Personal Phone Manager 10.8.1 Multiple Reflected Cross-Site Scripting (XSS)
03.05.2021
3ndG4me
Low
Moodle 3.10.3 url Persistent Cross Site Scripting
02.05.2021
UVision
Low
Kirby CMS 3.5.3.1 Cross Site Scripting
30.04.2021
Sreenath Raghunathan
Low
Moodle 3.6.1 Persistent Cross-Site Scripting (XSS)
30.04.2021
farisv
Med.
OX App Suite / OX Guard SSRF / DoS / Cross Site Scripting
30.04.2021
Martin Heiland
Low
PFSense 2.5.0 Cross Site Scripting
29.04.2021
William Costa
Low
Montiorr 1.7.6m Cross Site Scripting
27.04.2021
Ahmad Shakla
Low
Sipwise C5 NGCP CSC Cross Site Scripting
23.04.2021
LiquidWorm
Low
WordPress Plugin RSS for Yandex Turbo 1.29 Stored Cross-Site Scripting (XSS)
23.04.2021
Himamshu Dilip Kulkarn...
Low
BMD BMDWeb 2.0 Cross Site Scripting
23.04.2021
Stefan Viehbock
Low
DzzOffice 2.02.1 Cross Site Scripting
23.04.2021
nu11secur1ty
Low
RemoteClinic 2.0 Multiple Stored Cross-Site Scripting (XSS)
22.04.2021
Saud Ahmad
Low
Adtran Personal Phone Manager 10.8.1 Cross Site Scripting
21.04.2021
3ndG4me
Low
WordPress RSS For Yandex Turbo 1.29 Cross Site Scripting
21.04.2021
Himamshu Dilip Kulkarn...
Low
jQuery 1.0.3 Cross Site Scripting
16.04.2021
Central Infosec
Low
htmly 2.8.0 Cross Site Scripting
16.04.2021
nu11secur1ty
Low
Tileserver-gl 3.0.0 Cross Site Scripting
16.04.2021
Akash Chathoth
High
Webmail Edition 5.2.22 XSS / Remote Code Execution
15.04.2021
nu11secur1ty
Low
jQuery 1.2 Cross Site Scripting
15.04.2021
Central Infosec
Low
Horde Groupware Webmail 5.2.22 Cross Site Scripting
15.04.2021
nu11secur1ty
Low
Atlassian Jira Service Desk 4.9.1 Cross Site Scripting
10.04.2021
Captain_hook
Low
Custom CMS Okezone - Cross-Site Scripting Vulnerabilities
09.04.2021
Gh05t666nero
Low
Simple Traffic Offense System 1.0 Cross Site Scripting
05.04.2021
Richard Jones
Low
Realteo WordPress Plugin <= 1.2.3 - Unauthenticated Reflected XSS
02.04.2021
m0ze
Low
Goto WordPress Theme <= 1.9 - Unauthenticated Reflected XSS
01.04.2021
m0ze
Low
Hotel And Lodge Management System 1.0 Customer Details Stored XSS
01.04.2021
Jitendra Kumar Tripath...
Low
GetSimple CMS Custom JS Plugin 0.1 CSRF to Persistent XSS
31.03.2021
Abhishek Joshi
Low
Budget Management System 1.0 Cross Site Scripting
29.03.2021
Jitendra Kumar Tripath...
Low
Health Center Patient Record Management System 1.0 Cross Site Scripting
29.03.2021
Richard Jones
Low
Equipment Inventory System 1.0 Cross Site Scripting
29.03.2021
Jitendra Kumar Tripath...
Low
Genexis Platinum-4410 P4410-V2-1.31A Cross Site Scripting
27.03.2021
Jithin KS
Low
Regis Inventory And Monitoring System 1.0 Cross Site Scripting
27.03.2021
George Tsimpidas
Low
WordPress GiveWP 2.9.7 Cross Site Scripting
24.03.2021
Austin Bentley
Low
Boonex Dolphin 7.4.2 Cross Site Scripting
19.03.2021
Piyush Patil
Low
VestaCP 0.9.8 Cross Site Scripting
18.03.2021
numan turle
Low
VoIPmonitor WEB GUI 24.55 Cross Site Scripting
16.03.2021
Sandro Gauci
Low
MyBB OUGC Feedback 1.8.22 Cross Site Scripting
15.03.2021
0xB9
Low
QCubed 3.1.1 Cross Site Scripting
13.03.2021
Wolfgang Hotwagner
Low
WEBIM 10.2.55 Cross Site Scripting
10.03.2021
AsCiI
Low
Sticky Notes Apps Using JavaScript 1.0 Cross Site Scripting
09.03.2021
Richard Jones
Low
Joomla Matukio Events 7.0.5 Cross Site Scripting
08.03.2021
Vincent666 ibn Winnie
Low
LightCMS 1.3.4 exclusive Stored XSS
06.03.2021
Peithon
Low
Textpattern CMS 4.9.0-dev Cross Site Scripting
06.03.2021
Tushar Vaidya
Low
Web Based Quiz System 1.0 Cross Site Scripting
02.03.2021
Praharsh Kumar Singh
Low
Concrete5 8.5.4 Cross Site Scripting
02.03.2021
nu11secur1ty
Low
Profiling System For Human Resource Management 1.0 Cross Site Scripting
02.03.2021
Richard Jones
Low
Doctor Appointment System 1.0 Cross Site Scripting
28.02.2021
Soham Bakore
Low
Triconsole 3.75 Cross Site Scripting
28.02.2021
Akash Chathoth
Low
LightCMS 1.3.4 Cross Site Scripting
27.02.2021
Peithon
Low
Monica 2.19.1 last_name Stored XSS
26.02.2021
BouSalman
Low
Vehicle Parking Management System 1.0 catename Persistent Cross-Site Scripting (XSS)
25.02.2021
Tushar Vaidya
Low
Beauty Parlour Management System 1.0 Cross Site Scripting
20.02.2021
Thinkland Security Tea...
Low
Comment System 1.0 Cross Site Scripting
20.02.2021
Pintu Solanki
Low
OpenText Content Server 20.3 Cross Site Scripting
20.02.2021
Kamil Brenski
Low
BlackCat CMS 1.3.6 Cross Site Scripting
18.02.2021
Kamaljeet Kumar
Low
SolarWinds Serv-U FTP Server 15.2.1 Cross Site Scripting
13.02.2021
Jack Misiura
Med.
SmartFoxServer 2X 2.17.0 God Mode Console WebSocket XSS
12.02.2021
LiquidWorm
Low
PEEL Shopping 9.3.0 Cross Site Scripting
11.02.2021
Anmol K Sachan
Low
Adobe Magento Commerce Cross Site Scripting
11.02.2021
Natsasit Jirathammanuw...
Low
b2evolution CMS 6.11.6 Cross Site Scripting
11.02.2021
Nakul Ratti
Low
Online Car Rental System 1.0 Cross Site Scripting
09.02.2021
Naved Shaikh
Low
Alt-N MDaemon Webmail 20.0.0 Cross Site Scripting
08.02.2021
Kailash Bohara
Low
SmartFoxServer 2X 2.17.0 God Mode Console WebSocket Cross Site Scripting
08.02.2021
LiquidWorm
Low
Jenzabar 9.2.2 Cross Site Scripting
08.02.2021
y0ung_dst
Med.
WordPress Supsystic Data Tables Generator 1.9.96 XSS / SQL Injection
08.02.2021
Erik David Martin
Low
Simple Public Chat Room 1.0 Cross Site Scripting
31.01.2021
Richard Jones
Low
ZEN SERVICES Cross Site Scripting (XSS)
31.01.2021
h4shur
Low
headlight Cross Site Scripting (XSS)
31.01.2021
h4shur
Low
CANDOUR SOFTWARE Cross Site Scripting (XSS)
31.01.2021
h4shur
Low
MIProject Cross Site Scripting (XSS)
31.01.2021
s433d3h
Low
Aplikasi PPDB Online - Cross-site-scripting (POST) Vulnerabilities
30.01.2021
Gh05t666nero
Low
BloofoxCMS 0.5.2.1 Cross Site Scripting
29.01.2021
LiPeiYi
Low
Chamilo LMS 1.11.14 Cross Site Scripting
29.01.2021
Daniel Bishtawi
Low
STVS ProVision 5.9.10 Cross Site Scripting
29.01.2021
LiquidWorm
Low
EgavilanMedia PHPCRUD 1.0 Full Name Stored Cross Site Scripting
29.01.2021
Mahendra Purbia
Med.
Revive Adserver 5.1.0 Cross Site Scripting
29.01.2021
Matteo Beccati
Low
Daily Expense Tracker System 1.0 Cross Site Scripting
27.01.2021
Priyanka Samak
Low
Simple College Website 1.0 Cross Site Scripting
27.01.2021
Marco Catalano
Low
Horizon Softnet Solutions Cross Site Scripting (XSS)
26.01.2021
h4shur
Low
Tenda AC5 AC1200 Wireless Cross Site Scripting
26.01.2021
Chiragh Arora
Low
Selea Targa IP OCR-ANPR Camera Cross Site Scripting
22.01.2021
LiquidWorm
Low
Alumni Management System 1.0 "Last Name field in Registration page" Stored XSS
21.01.2021
Siva Rajendran
Low
WordPress Easy Contact Form 1.1.7 Cross Site Scripting
15.01.2021
Rahul Ramakant Singh
Med.
Online Hotel Reservation System 1.0 Cross Site Scripting
15.01.2021
Mesut Cetin
Med.
Pepperl+Fuchs IO-Link Master Series 1.36 CSRF / XSS / Command Injection
14.01.2021
T. Weber
Med.
flatCore CMS XSS / File Disclosure / SQL Injection
14.01.2021
Calvin Phang
Low
Envira Gallery Lite 1.8.3.2 Cross Site Scripting
14.01.2021
Rodolfo Tavares
Low
WordPress Custom Global Variables 1.0.5 Cross Site Scripting
11.01.2021
Swapnil Subhash Bodeka...
Low
Life Insurance Management System 1.0 Cross Site Scripting
09.01.2021
Arnav Tripathy
Low
Curfew e-Pass Management System 1.0 Cross Site Scripting
08.01.2021
Arnav Tripathy


CVEMAP Search Results

CVE
Details
Description
2021-05-10
Low
CVE-2020-23374

Vendor: 5none
Software: Nonecms
 

 
Cross-site scripting (XSS) vulnerability in admin/article/add.html in noneCMS v1.3.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the name parameter.

 
Low
CVE-2020-23373

Vendor: 5none
Software: Nonecms
 

 
Cross-site scripting (XSS) vulnerability in admin/nav/add.html in noneCMS v1.3.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the name parameter.

 
2021-05-07
Waiting for details
CVE-2021-27437

Updating...
 

 
The affected product allows attackers to obtain sensitive information from the WISE-PaaS dashboard. The system contains a hard-coded administrator username and password that can be used to query Grafana APIs. Authentication is not required for exploitation on the WISE-PaaS/RMM (versions prior to 9.0.1).

 
Low
CVE-2021-26123

Vendor: Livinglogic
Software: Xist4c
 

 
LivingLogic XIST4C before 0.107.8 allows XSS via login.htm, login.wihtm, or login-form.htm.

 
Low
CVE-2021-26122

Vendor: Livinglogic
Software: Xist4c
 

 
LivingLogic XIST4C before 0.107.8 allows XSS via feedback.htm or feedback.wihtm.

 
Waiting for details
CVE-2021-30172

Updating...
 

 

 
Waiting for details
CVE-2021-30171

Updating...
 

 

 
Waiting for details
CVE-2021-30170

Updating...
 

 

 
Low
CVE-2021-32091

Vendor: Stacklift
Software: Localstack
 

 
A Cross-site scripting (XSS) vulnerability exists in StackLift LocalStack 0.12.6.

 
Low
CVE-2021-32103

Vendor: Open-emr
Software: Openemr
 

 
A Stored XSS vulnerability in interface/usergroup/usergroup_admin.php in OpenEMR before 5.0.2.1 allows a admin authenticated user to inject arbitrary web script or HTML via the lname parameter.

 

 


Copyright 2021, cxsecurity.com

 

Back to Top