CWE:
 

Topic
Date
Author
Med.
Kiuwan Local Analyzer / SAST / SaaS XML Injection / XSS / IDOR
10.06.2024
C. Schwarz
Med.
SEH utnserver Pro/ProMAX / INU-100 20.1.22 XSS / DoS / File Disclosure
10.06.2024
T. Weber
Low
Sitefinity 15.0 Cross Site Scripting
04.06.2024
Aldi Saputra Wahyudi
Low
iMLog Cross Site Scripting
02.06.2024
Gabriel Felipe
Low
ORing IAP-420 2.01e Cross Site Scripting / Command Injection
02.06.2024
T. Weber
Med.
HAWKI 1.0.0-beta.1 XSS / File Overwrite / Session Fixation
29.05.2024
Thorger Jansen
High
NorthStar C2 Cross Site Scripting / Code Execution
28.05.2024
h00die
Low
Jcow Social Network Cross Site Scripting
24.05.2024
tmrswrr
High
CHAOS 5.0.8 Cross Site Scripting / Remote Command Execution
22.05.2024
h00die
Low
Rocket LMS 1.9 Cross Site Scripting
22.05.2024
Sergio Medeiros
Low
Nethserver 7 / 8 Cross Site Scripting
22.05.2024
Andrea Intilangelo
Low
Panel.SmokeLoader MVID-2024-0682 Cross Site Request Forgery / Cross Site Scripting
19.05.2024
malvuln
Low
Panel.SmokeLoader MVID-2024-0681 Cross Site Scripting
19.05.2024
malvuln
Low
Chyrp 2.5.2 Cross Site Scripting
14.05.2024
Ahmet Umit Bayram
Low
Apache mod_proxy_cluster Cross Site Scripting
14.05.2024
Mohamed Mounir Boudjem...
Low
Leafpub 1.1.9 Cross Site Scripting
14.05.2024
Ahmet Umit Bayram
Low
Esteghlal F.C. Cross Site Scripting
13.05.2024
E1.Coders
Low
Panel Amadey.d.c MVID-2024-0680 Cross Site Scripting
11.05.2024
malvuln
Low
SOPlanning 1.52.00 Cross Site Scripting
04.05.2024
liquidsky
Low
Doctor Appointment Management System 1.0 Cross Site Scripting
01.05.2024
SoSPiro
Low
Wordpress Plugin Alemha Watermarker 1.3.1 Stored Cross-Site Scripting (XSS)
21.04.2024
Erdemstar
Low
Wordpress Plugin Playlist for Youtube 1.32 Stored Cross-Site Scripting (XSS)
14.04.2024
Erdemstar
Low
Blood Bank v1.0 Stored Cross Site Scripting (XSS)
14.04.2024
Ersin Erenler
Med.
OX App Suite 7.10.6 Cross Site Scripting / Deserialization Issue
11.04.2024
Martin Heiland
Low
Concrete CMS 9.2.7 Cross Site Scripting / Open Redirect
11.04.2024
Andrey Stoykov
Low
HTMLy 2.9.6 Cross Site Scripting
08.04.2024
tmrswrr
Low
DerbyNet 9.0 render-document.php Cross Site Scripting
08.04.2024
Valentin Lobstein
Low
Seo Panel 4.7.0 Cross Site Scripting
06.04.2024
Arzu Demirez
Low
Workout Journal App 1.0 Cross Site Scripting
01.04.2024
MURAT CAGRI ALIS
Low
ARIS: Business Process Management 10.0.21.0 Cross Site Scripting
01.04.2024
Seid Yassin
Low
Bludit 3.13.0 Cross Site Scripting
26.03.2024
Gokhan Sensukur
Med.
Insurance Management System PHP And MySQL 1.0 Cross Site Scripting
26.03.2024
Hakki Toklu
Low
LimeSurvey Community 5.3.32 Cross Site Scripting
26.03.2024
Subhankar Singh
Low
Backdrop CMS 1.23.0 Cross Site Scripting
20.03.2024
Sinem Sahin
Low
Financials By Coda Cross Site Scripting
16.03.2024
Leo Draghi
Low
SnipeIT 6.2.1 Stored Cross Site Scripting
13.03.2024
Shahzaib Ali Khan
Low
FullCourt Enterprise 8.2 Cross Site Scripting
09.03.2024
Omar Sabagh
Med.
WordPress IDonate Blood Request Management System 1.8.1 Cross Site Scripting
29.02.2024
Laburity Research Team
Low
SitePad 1.8.2 Cross Site Scripting
22.02.2024
tmrswrr
Med.
OpenOLAT 18.1.5 Cross Site Scripting / Privilege Escalation
22.02.2024
Johannes Volpel
Low
SPA-CART CMS - Stored XSS
20.02.2024
Eren Sen
Med.
WonderCMS 4.3.2 Cross Site Scripting / Remote Code Execution
20.02.2024
prodigiousMind
Low
InstantCMS 2.16.1 Cross Site Scripting
20.02.2024
SoSPiro
Low
Savsoft Quiz v6.0 Enterprise - Persistent Cross-Site Scripting
20.02.2024
Eren Sen
Low
Statamic CMS Cross Site Scripting
18.02.2024
Niklas Schilling
High
Adapt CMS 3.0.3 Cross Site Scripting / Shell Upload
15.02.2024
Andrey Stoykov
Low
Wordpress simple urls Plugin < 115 XSS
15.02.2024
AmirZargham
Low
Advanced Page Visit Counter 1.0 Cross Site Scripting
10.02.2024
Furkan Ozer
Low
GYM MS 1.0 Cross Site Scripting
07.02.2024
yozgatalperen1
Low
WhatsUp Gold 2022 (22.1.0 Build 39) XSS
06.02.2024
Andreas Finstad
Low
WhatsUp Gold 2022 22.1.0 Build 39 Cross Site Scripting
06.02.2024
Andreas Finstad
Low
MISP 2.4.171 Cross Site Scripting
06.02.2024
Mucahit Ceri
Med.
WordPress POST SMTP Mailer 2.8.7 Authorization Bypass / Cross Site Scripting
13.01.2024
Ulyses Saicha
Low
PHPJabbers Cleaning Business Software 1.0 Cross Site Scripting
11.01.2024
Rahad Chowdhury
Low
PHPJabbers Event Ticketing System 1.0 Cross Site Scripting / HTML Injection
11.01.2024
Rahad Chowdhury
Low
PHPJabbers Shared Asset Booking System 1.0 Cross Site Scripting
11.01.2024
Rahad Chowdhury
Low
iGalerie 3.0.22 Cross Site Scripting
10.01.2024
tmrswrr
Low
WebCalendar 1.3.0 Cross Site Scripting
03.01.2024
tmrswrr
Low
WhatACart 2.0.7 Cross Site Scripting
27.12.2023
tmrswrr
Low
ShopSite 14.0 Cross Site Scripting
26.12.2023
tmrswrr
Low
GaatiTrack Courier Management System 1.0 Cross Site Scripting
20.11.2023
Rahad Chowdhury
Low
Shuttle Booking Software 2.0 Cross Site Scripting
20.11.2023
Rahad Chowdhury
Low
Moodle 4.3 Cross Site Scripting
23.10.2023
tmrswrr
Med.
WordPress Core 6.3.1 XSS / DoS / Arbitrary Shortcode Execution
13.10.2023
James Golovich
Low
WordPress Sonaar Music 4.7 Cross Site Scripting
10.10.2023
Furkan Karaarslan
Low
WordPress KiviCare 3.2.0 Cross Site Scripting
05.10.2023
Arvandy
Med.
SAP Enable Now Manager 10.6.5 Build 2804 Cloud Edition CSRF / XSS / Redirect
03.10.2023
Fabian Hagg
Low
openVIVA c2 20220101 Cross Site Scripting
03.10.2023
Daniel Hirschberger
Low
WordPress Contact Form Generator 2.5.5 Cross Site Scripting
03.10.2023
Arvandy
Med.
OPNsense 23.1.11_1 / 23.7.3 / 23.7.4 Cross Site Scripting / Privilege Escalation
25.09.2023
Yasar Klawohn
Low
Taskhub 2.8.8 Cross Site Scripting
24.09.2023
nu11secur1ty
Low
Night Club Booking Software 1.0 Cross Site Scripting
18.09.2023
nu11secur1ty
Low
Italia Mediasky CMS 2.0 Cross Site Scripting
18.09.2023
indoushka
Low
PTC - Codebeamer Cross Site Scripting
18.09.2023
Niklas Schilling
Low
Academy LMS 6.2 Cross Site Scripting
15.09.2023
CraCkEr
Med.
WordPress Slimstat Analytics 5.0.9 Cross Site Scripting / SQL Injection
13.09.2023
Lana Codes
Low
Cinema Booking System 1.0 Cross Site Scripting
10.09.2023
nu11secur1ty
Low
Event Booking Calendar 4.0 Cross Site Scripting
10.09.2023
nu11secur1ty
Low
Wordpress Sonaar Music Plugin 4.7 - Stored XSS
09.09.2023
Furkan Karaarslan
Low
Axigen 10.5.0&#8211;4370c946 Cross Site Scripting
09.09.2023
AmirZargham
Low
Axigen 10.5.0&#8211;4370c946 Cross Site Scripting
09.09.2023
AmirZargham
Low
CSZ CMS 1.3.0 Cross Site Scripting
04.09.2023
Daniel Gonzalez
Low
PHP JABBERS PHP Review Script 1.0 Cross Site Scripting
31.08.2023
nu11secur1ty
Low
Jorani 1.0.3 Cross Site Scripting
28.08.2023
nu11secur1ty
Low
User Registration And Login And User Management System 3.0 Cross Site Scripting
24.08.2023
Ashutosh Singh Umath
Low
Uvdesk 1.1.4 Cross Site Scripting
24.08.2023
Hubert Wojciechowski
Low
E-partenaire LMS 1.0.0 Cross Site Scripting
19.08.2023
indoushka
Low
Blood Donor Management System 1.0 Cross Site Scripting
16.08.2023
Ehlullah Albayrak
High
Hyip Rio 2.1 Cross Site Scripting / File Upload
16.08.2023
CraCkEr
Low
Advantech EKI-1524-CE / EKI-1522 / EKI-1521 Cross Site Scripting
15.08.2023
T. Weber
Med.
Phoenix Contact TC Cloud / TC Router 2.x XSS / Memory Consumption
15.08.2023
T. Weber
Low
Webedition CMS v2.9.8.8 Stored XSS
13.08.2023
Mirabbas Ağalarov
Low
Dolibarr 17.0.1>x Stored XSS
11.08.2023
Furkan Karaarslan
Low
Joomla VirtueMart Shopping Cart 4.0.12 Reflected XSS
11.08.2023
CraCkEr
Low
JLex GuestBook 1.6.4 Reflected XSS
10.08.2023
CraCkEr
Low
Lucee 5.4.2.17 Cross Site Scripting
09.08.2023
Yehia Elghaly
Low
WordPress Ninja Forms 3.6.25 Cross Site Scripting
08.08.2023
Mehran Seifalinia
Low
Webedition CMS 2.9.8.8 Cross Site Scripting
06.08.2023
Mirabbas Agalarov
Low
mooSocial 3.1.8 - Reflected XSS
05.08.2023
CraCkEr
Low
Social-Commerce 3.1.6 - Reflected XSS
05.08.2023
CraCkEr


CVEMAP Search Results

CVE
Details
Description
2024-06-14
Waiting for details
CVE-2024-31160

Updating...
 

 
The parameter used in the certain page of ASUS Download Master is not properly filtered for user input. A remote attacker with administrative privilege can insert JavaScript code to the parameter for Stored Cross-site scripting attacks.

 
Waiting for details
CVE-2024-31159

Updating...
 

 
The parameter used in the certain page of ASUS Download Master is not properly filtered for user input. A remote attacker with administrative privilege can insert JavaScript code to the parameter for Reflected Cross-site scripting attacks.

 
2024-06-13
Waiting for details
CVE-2024-4176

Updating...
 

 
An Cross site scripting vulnerability in the EDR XConsole before this release allowed an attacker to potentially leverage an XSS/HTML-Injection using command line variables. A malicious threat actor could execute commands on the victim's browser for sending carefully crafted malicious links to the EDR XConsole end user.

 
Waiting for details
CVE-2024-34105

Updating...
 

 
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim�??s browser when they browse to the page containing the vulnerable field.

 
Waiting for details
CVE-2024-36239

Updating...
 

 
Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue requires user interaction, such as convincing a victim to click on a specially crafted link.

 
Waiting for details
CVE-2024-36238

Updating...
 

 
Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically requires user interaction, such as convincing a user to click on a malicious link or to interact with a maliciously crafted web page.

 
Waiting for details
CVE-2024-36236

Updating...
 

 
Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue requires user interaction, such as convincing a victim to click on a specially crafted link.

 
Waiting for details
CVE-2024-36234

Updating...
 

 
Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically requires user interaction, such as convincing a user to click on a specially crafted link or to submit a form that triggers the vulnerability.

 
Waiting for details
CVE-2024-36233

Updating...
 

 
Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically requires user interaction, such as convincing a victim to click on a malicious link.

 
Waiting for details
CVE-2024-36232

Updating...
 

 
Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim�??s browser when they browse to the page containing the vulnerable field.

 

 


Copyright 2024, cxsecurity.com

 

Back to Top